PatchSiren

CVE-2024-50301 Siemens CVE debrief

A slab-out-of-bounds memory access vulnerability exists in the Linux kernel's security/keys subsystem, specifically within the key_task_permission function. This flaw can lead to information disclosure and denial of service conditions. The vulnerability affects Siemens industrial networking products running SINEC OS, including RUGGEDCOM RST2428P switches and multiple SCALANCE product families. Local attackers with low privileges can exploit this issue to read sensitive kernel memory or cause system instability. The vulnerability was resolved in the upstream Linux kernel and Siemens has released firmware updates to address affected products.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: HIGH 7.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-04-09
Original CVE updated: 2026-05-14
Advisory published: 2024-04-09
Advisory updated: 2026-05-14

Who should care

This debrief is relevant to organizations operating Siemens industrial networking infrastructure, particularly in critical infrastructure sectors (energy, manufacturing, transportation, water/wastewater). It also concerns security teams responsible for OT/ICS asset management and for vulnerability management programs covering industrial control systems, network administrators managing RUGGEDCOM or SCALANCE device deployments, and compliance officers tracking CISA ICS advisories and Siemens ProductCERT notifications.

Technical summary

CVE-2024-50301 is a slab-out-of-bounds vulnerability in the Linux kernel's security/keys subsystem, specifically in the key_task_permission function. This memory safety flaw allows local attackers with low privileges to read beyond allocated memory boundaries, potentially exposing sensitive kernel information or causing denial of service through memory corruption. The vulnerability stems from improper bounds checking when handling key permission operations. Siemens industrial networking products utilizing SINEC OS are affected, including RUGGEDCOM RST2428P switches and SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 and XCM-/XRM-/XCH-/XRH-300 families. The CVSS 3.1 score of 7.1 (HIGH) reflects significant confidentiality and availability impacts with a local attack vector. Remediation involves updating affected devices to firmware version 3.2 or later.

Defensive priority

HIGH

Recommended defensive actions

  • Apply vendor-provided firmware updates to V3.2 or later for affected RUGGEDCOM and SCALANCE products per Siemens ProductCERT guidance
  • For SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, consult Siemens ProductCERT advisory SSA-355557 for specific configuration guidance
  • Implement network segmentation to limit local access to affected industrial control systems
  • Monitor for anomalous system behavior indicative of kernel memory corruption or unexpected reboots
  • Review and apply CISA ICS recommended practices for defense-in-depth strategies
  • Validate firmware integrity through cryptographic verification before deployment
  • Establish maintenance windows for patching critical infrastructure components

Evidence notes

The vulnerability description indicates a slab-out-of-bounds condition in key_task_permission, which is a memory safety issue in the Linux kernel's key management subsystem. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H) confirms local attack vector with low attack complexity, requiring low privileges but no user interaction, yielding high impact to confidentiality and availability. Siemens ProductCERT advisory SSA-355557 provides vendor-specific remediation guidance. CISA advisory ICSA-25-226-07 was initially published 2025-08-12 and subsequently updated 2026-02-25 to clarify affected product configurations and remove rejected CVEs.
