PatchSiren cyber security CVE debrief
CVE-2024-50237 Siemens CVE debrief
CVE-2024-50237 is a vulnerability in the Linux kernel's mac80211 wireless subsystem. The issue occurs when the .get_txpower callback passes a stopped virtual interface (vif) to the driver, potentially causing a crash due to uninitialized private data. The vulnerability was published on 2025-08-12 and last modified on 2026-02-25. Siemens ProductCERT issued advisory SSA-355557 addressing this CVE, which CISA subsequently republished as ICSA-25-226-07. The advisory was updated multiple times, with the most recent revision on 2026-02-25 clarifying affected product configurations and removing rejected CVEs from earlier versions. Siemens has assessed the impact as 'Misinformed' for the listed product IDs, indicating this CVE does not affect the specified Siemens products in the manner originally reported or the products are not vulnerable to this issue. No CVSS score or severity rating is available in the source data.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations running Linux-based systems with mac80211 wireless drivers, particularly industrial operators using Siemens SCALANCE or RUGGEDCOM networking equipment, should verify their exposure. However, Siemens has assessed the impact of this CVE as 'Misinformed' for its listed products, suggesting the vulnerability does not affect these products as originally reported.
Technical summary
The vulnerability exists in the Linux kernel's mac80211 wireless networking subsystem. When the .get_txpower callback is invoked, it may pass a stopped virtual interface (vif) to the underlying driver. This can result in the driver accessing uninitialized private data structures, potentially causing a kernel crash. The fix prevents passing stopped vifs to drivers in this code path.
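The guard described above, as an added user-space C model (not kernel code and not part of the advisory): the stack-side entry point reaches the driver callback only while the vif is marked as started. All names are hypothetical; the model uses a NULL pointer to stand in for uninitialized private data, and the fallback to a cached value is an assumption of the model.

```c
#include <stdio.h>

/* User-space model only: every name here is hypothetical, not kernel code. */
#define VIF_IN_DRIVER 0x1u           /* set while the vif is started in the driver */
struct drv_priv { int txpower_dbm; };

struct vif {
    unsigned int flags;
    int cached_txpower_dbm;          /* value the stack tracks on its own */
    struct drv_priv *priv;           /* valid only between start and stop */
};

/* Driver callback: trusts that priv was set up by a prior start. */
static int drv_get_txpower(const struct vif *v, int *dbm)
{
    *dbm = v->priv->txpower_dbm;     /* faults when reached for a stopped vif */
    return 0;
}

static void vif_start(struct vif *v, struct drv_priv *p)
{
    v->priv = p;
    v->flags |= VIF_IN_DRIVER;
}

static void vif_stop(struct vif *v)
{
    v->flags &= ~VIF_IN_DRIVER;
    v->priv = NULL;                  /* model: stale private data becomes NULL */
}

/* Guarded entry point: the driver is reached only for a started vif. */
static int get_txpower_guarded(const struct vif *v, int *dbm)
{
    if (v->flags & VIF_IN_DRIVER)
        return drv_get_txpower(v, dbm);
    *dbm = v->cached_txpower_dbm;    /* assumed fallback for this model */
    return 0;
}

int main(void)
{
    struct drv_priv p = { 20 };
    struct vif v = { 0, 15, NULL };
    int dbm = 0;
    vif_start(&v, &p); get_txpower_guarded(&v, &dbm); printf("started: %d dBm\n", dbm);
    vif_stop(&v);      get_txpower_guarded(&v, &dbm); printf("stopped: %d dBm\n", dbm);
    return 0;
}
```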
Defensive priority
low
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-355557 for definitive product impact assessment
- Verify mac80211/wireless driver versions in use if running Linux-based systems with wireless interfaces
- Apply kernel updates from distribution maintainers when available
- Monitor CISA ICS advisories for updates to ICSA-25-226-07
Evidence notes
The source CISA CSAF advisory ICSA-25-226-07 (revision 4, 2026-02-25) indicates Siemens assessed impact as 'Misinformed' for product IDs CSAFPID-0006, CSAFPID-0002, and CSAFPID-0003. The CVE description describes a kernel-level mac80211 issue with stopped vif handling. No CVSS vector or score is present in source data.
Official resources
- CVE-2024-50237 CVE record (CVE.org)
- CVE-2024-50237 NVD detail (NVD)
- Source item URL (cisa_csaf)
2025-08-12