PatchSiren cyber security CVE debrief
CVE-2024-50290 Siemens CVE debrief
CVE-2024-50290 is a medium-severity vulnerability in the Linux kernel's cx24116 media driver, affecting Siemens industrial networking products. The flaw involves an integer underflow in Signal-to-Noise Ratio (SNR) calculations when register reads fail, returning negative values that cause arithmetic underflow. This local attack vector requires low privileges and no user interaction, with high availability impact but no confidentiality or integrity impact. The vulnerability was identified through Coverity static analysis and affects Siemens RUGGEDCOM RST2428P and SCALANCE switch families running SINEC OS. Siemens has released firmware updates to address this issue.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P industrial routers or SCALANCE XC/XR/XCM/XRM/XCH/XRH switch families in industrial control system environments. Security teams responsible for OT/ICS infrastructure, network administrators managing industrial Ethernet switches, and compliance personnel tracking CVE remediation in critical infrastructure sectors.
Technical summary
The vulnerability exists in the cx24116 DVB-S/S2 demodulator driver within the Linux kernel media subsystem. When SNR register reads fail, the driver returns a negative error code that is subsequently used in unsigned arithmetic operations, causing an integer underflow. This results in incorrect SNR calculations and potential system instability. The CVSS 3.1 score of 5.5 reflects local attack vector, low attack complexity, low privileges required, no user interaction, and high availability impact with no confidentiality or integrity effects. The flaw was detected through Coverity static analysis. Affected Siemens products incorporate this vulnerable kernel component in their SINEC OS firmware.
Defensive priority
medium
Recommended defensive actions
- Apply vendor firmware updates: Update RUGGEDCOM RST2428P and SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices to firmware V3.2 or later per Siemens guidance
- For SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, consult Siemens ProductCERT advisory SSA-355557 for specific configuration guidance and available updates
- Implement defense-in-depth controls for industrial control systems per CISA recommended practices
- Restrict local access to affected devices to authorized personnel only
- Monitor for anomalous system behavior or unexpected device resets that may indicate exploitation attempts
Evidence notes
Vulnerability description indicates Coverity static analysis identified the flaw. CVSS 3.1 vector confirms local attack vector with low attack complexity. Siemens ProductCERT advisory SSA-355557 provides remediation guidance. CISA ICS advisory ICSA-25-226-07 republished with corrections through February 2026.
Official resources
-
CVE-2024-50290 CVE record
CVE.org
-
CVE-2024-50290 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12