PatchSiren cyber security CVE debrief
CVE-2024-50558 Siemens CVE debrief
CVE-2024-50558 is a medium-severity access control vulnerability affecting 26 Siemens industrial networking devices across the SCALANCE M-800 family, RUGGEDCOM RM1224 series, and SCALANCE S615 product lines. Published on November 12, 2024, and last modified on May 6, 2025, the vulnerability stems from improper access control management for read-only user accounts. An authenticated attacker with low privileges can exploit this flaw to cause a temporary denial of service condition. The CVSS 3.1 score of 4.3 reflects a network-based attack vector, low attack complexity, low privileges required, and no user interaction, with availability impact limited to temporary disruption. Siemens addresses this vulnerability in firmware version 8.2 or later across all affected products. Organizations operating these industrial routers in critical infrastructure environments should prioritize patching, as these devices are commonly deployed in OT/ICS networks where availability is paramount.
- Vendor: Siemens
- Product: RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)
- CVSS: MEDIUM 4.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-11-12
- Original CVE updated: 2025-05-06
- Advisory published: 2024-11-12
- Advisory updated: 2025-05-06
Who should care
Organizations operating Siemens industrial networking equipment in manufacturing, energy, transportation, and critical infrastructure sectors where SCALANCE and RUGGEDCOM devices provide remote connectivity and network segmentation for OT environments.
Technical summary
Improper access control for read-only users in Siemens SCALANCE M-800 family, RUGGEDCOM RM1224 LTE routers, and SCALANCE S615 LAN routers allows authenticated attackers to cause temporary denial of service. Affects 26 product variants. Fixed in firmware V8.2.
Defensive priority
medium
Recommended defensive actions
- Apply Siemens firmware update V8.2 or later to all affected SCALANCE M-800, RUGGEDCOM RM1224, and SCALANCE S615 devices
- Review and restrict read-only user account permissions to minimum necessary access
- Monitor device logs for anomalous activity from low-privilege accounts
- Implement network segmentation to limit exposure of industrial routers to untrusted networks
- Follow CISA ICS recommended practices for defense-in-depth strategies
- Validate backup and recovery procedures for affected devices before applying updates
Evidence notes
Vulnerability description and affected product list derived from CISA CSAF advisory ICSA-24-319-06. CVSS vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L confirms network-accessible, authenticated attack with availability impact only. Vendor fix to V8.2 or later specified for all 26 affected product variants.
Official resources
- CVE-2024-50558 CVE record (CVE.org)
- CVE-2024-50558 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-11-12