PatchSiren cyber security CVE debrief
CVE-2024-50083 Siemens CVE debrief
CVE-2024-50083 is a vulnerability in the Linux kernel's Multipath TCP (MPTCP) implementation that may cause Data Sequence Signal (DSS) corruption due to large Path MTU (PMTU) transmissions. The issue is addressed in the __mptcp_move_skbs_from_subflow function. Siemens has identified this vulnerability as affecting multiple industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family devices. The vulnerability was published on August 12, 2025, with subsequent modifications to the advisory through February 25, 2026, including corrections to affected product lists and clarifications on affected configurations. The CVSS 3.1 score of 5.5 (MEDIUM) reflects local attack vector, low attack complexity, low privileges required, and high availability impact with no confidentiality or integrity impact.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly those using RUGGEDCOM RST2428P switches or SCALANCE XC/XR/XCM/XRM/XCH/XRH series devices in critical infrastructure environments. Security teams responsible for OT/ICS network security and patch management should prioritize assessment and remediation.
Technical summary
This vulnerability exists in the Linux kernel's Multipath TCP (MPTCP) subsystem, specifically in how the __mptcp_move_skbs_from_subflow function handles large PMTU transmissions. The Data Sequence Signal (DSS) corruption can occur during these transmissions, potentially leading to availability impacts on affected systems. The vulnerability requires local access and low privileges to exploit, with no impact on confidentiality or integrity but high impact on availability. Siemens has confirmed affected products include RUGGEDCOM RST2428P (6GK6242-6PA00), SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices running SINEC OS. Remediation involves updating to V3.2 or later versions.
Defensive priority: medium
Recommended defensive actions
- Apply vendor-provided updates to V3.2 or later version for affected RUGGEDCOM and SCALANCE products per Siemens ProductCERT guidance.
- For SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family devices, consult Siemens ProductCERT advisory SSA-355557 for specific configuration guidance.
- Implement network segmentation for industrial control systems to limit exposure of affected devices.
- Monitor for anomalous network behavior or unexpected MPTCP connection failures that may indicate exploitation attempts.
- Review and apply CISA ICS recommended practices for defense-in-depth strategies.
Evidence notes
The vulnerability description is sourced from CISA CSAF advisory ICSA-25-226-07, which references Siemens ProductCERT advisory SSA-355557. The advisory was initially published on 2025-08-12 and subsequently modified on 2026-02-12, 2026-02-24, and 2026-02-25. The February 25, 2026 update was a CISA republication based on the Siemens ProductCERT SSA-355557 advisory. The CVSS vector indicates local attack requirements with high availability impact.
Official resources
- CVE-2024-50083 CVE record (CVE.org)
- CVE-2024-50083 NVD detail (NVD)
- Source item URL (cisa_csaf)
2025-08-12