PatchSiren cyber security CVE debrief
CVE-2024-50296 Siemens CVE debrief
A race condition in the hns3 Ethernet driver can cause a kernel crash when the driver is uninstalled while a Virtual Function (VF) is being disabled concurrently. This vulnerability affects Siemens industrial networking products running SINEC OS, specifically the RUGGEDCOM RST2428P and SCALANCE switch families. The issue is local in scope, requiring low privileges and no user interaction, but results in high availability impact through denial of service. Siemens has released firmware updates to address this vulnerability.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P or SCALANCE industrial Ethernet switches in critical infrastructure environments, particularly those with SR-IOV or virtualization workloads requiring VF management. OT security teams and network administrators responsible for maintaining availability of industrial control system networks.
Technical summary
The hns3 (Hisilicon Network Subsystem 3) Ethernet driver contains a race condition vulnerability that can trigger a kernel crash. The condition occurs when the driver is uninstalled concurrently with Virtual Function (VF) disablement. This is a local privilege issue with low attack complexity, affecting availability but not confidentiality or integrity. The vulnerability is present in Siemens industrial networking products utilizing SINEC OS with the hns3 driver.
Defensive priority
medium
Recommended defensive actions
- Apply vendor firmware updates to V3.2 or later for affected RUGGEDCOM and SCALANCE products per Siemens ProductCERT guidance
- For SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, consult Siemens ProductCERT SSA-355557 for specific configuration guidance
- Implement defense-in-depth strategies for industrial control systems per CISA recommended practices
- Monitor for anomalous system behavior indicating kernel instability on affected devices
- Restrict local access to administrative functions on affected industrial networking equipment
Evidence notes
CVE published 2025-08-12 per CISA CSAF advisory ICSA-25-226-07. Modified 2026-02-25 with republication based on Siemens ProductCERT SSA-355557. CVSS 3.1 vector confirms local attack vector with availability impact only.
Official resources
-
CVE-2024-50296 CVE record
CVE.org
-
CVE-2024-50296 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12