PatchSiren cyber security CVE debrief
CVE-2024-50236 Siemens CVE debrief
CVE-2024-50236 is a memory leak vulnerability in the Linux kernel's ath10k Wi-Fi driver affecting management frame transmission. The flaw occurs when memory allocated for MSDU context during management packet transmission is not properly freed during TX completion or cleanup operations. This vulnerability was published on 2025-08-12 and last modified on 2026-02-25. The vulnerability is present in Siemens industrial networking products running SINEC OS, specifically the RUGGEDCOM RST2428P and SCALANCE X-family switches. However, CISA's advisory ICSA-25-226-07 categorizes the impact as 'Misinformed' for the affected product IDs, suggesting the vulnerability may not be exploitable or relevant in the specific Siemens product configurations. No CVSS score or severity rating is currently assigned. Organizations should consult Siemens ProductCERT advisory SSA-355557 for specific patch guidance and affected product configurations.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P switches or SCALANCE X-family industrial Ethernet switches with Wi-Fi capabilities; industrial control system operators using SINEC OS; security teams responsible for OT/ICS network infrastructure; vulnerability management programs tracking kernel-level wireless driver vulnerabilities
Technical summary
The vulnerability exists in the ath10k Qualcomm Atheros Wi-Fi driver within the Linux kernel. During management frame transmission, memory is allocated to store MSDU (MAC Service Data Unit) context information. This allocated memory is not freed during the management TX completion callback, nor is it properly cleaned up in the management TX cleanup path. The memory leak could lead to resource exhaustion over time if management frames are transmitted repeatedly. The vulnerability affects Siemens industrial networking products that incorporate the vulnerable kernel driver, though CISA's advisory indicates the impact may be mitigated or non-exploitable in the specific product configurations (impact rated 'Misinformed').
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-355557 for specific affected product configurations and patch availability
- Verify whether deployed Siemens RUGGEDCOM RST2428P or SCALANCE X-family devices use Wi-Fi functionality via the ath10k driver
- Apply vendor-provided firmware updates when available per Siemens security advisory guidance
- Monitor CISA ICS advisories for updates to ICSA-25-226-07
- Implement network segmentation for industrial control systems per CISA recommended practices
Evidence notes
Memory leak in ath10k Wi-Fi driver management TX path; impact categorized as 'Misinformed' in CISA advisory for affected Siemens product IDs
Official resources
- CVE-2024-50236 CVE record (CVE.org)
- CVE-2024-50236 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12