PatchSiren

CVE-2024-53097 Siemens CVE debrief

CVE-2024-53097 is a low-severity vulnerability (CVSS 3.3) in the Linux kernel's memory management subsystem, specifically affecting the krealloc function. The issue involves a Memory Tagging Extension (MTE) false alarm in __do_krealloc, which can trigger incorrect memory safety warnings. Siemens has identified this vulnerability as affecting multiple industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE switch families. The vulnerability requires local access and low privileges to exploit, with potential for limited availability impact. Siemens has released updates to address this issue, with fixes available in version 3.2 or later for affected products.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: LOW 3.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2026-02-25
Advisory published: 2025-08-12
Advisory updated: 2026-02-25

Who should care

Organizations operating Siemens RUGGEDCOM RST2428P switches or SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 and XCM-/XRM-/XCH-/XRH-300 family switches in industrial environments should prioritize patching to prevent potential service disruptions from false MTE alarms.

Technical summary

The vulnerability exists in the Linux kernel's mm/krealloc.c implementation where the __do_krealloc function generates false positive MTE (Memory Tagging Extension) alarms. MTE is an ARM64 security feature that tags memory allocations to detect use-after-free and buffer overflow conditions. The false alarm condition can cause legitimate memory reallocation operations to trigger incorrect security warnings. This affects Siemens industrial networking products that incorporate the vulnerable kernel code through SINEC OS. The CVSS vector (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) indicates a local attack vector requiring low privileges, with no confidentiality or integrity impact and low availability impact.

Defensive priority

LOW

Recommended defensive actions

  • Apply vendor-provided updates to version 3.2 or later for affected Siemens RUGGEDCOM and SCALANCE products
  • Review Siemens ProductCERT advisory SSA-355557 for specific product configuration guidance
  • Follow CISA ICS recommended practices for defense-in-depth strategies
  • Monitor for additional vendor guidance on SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family configurations

Evidence notes

CVE published 2025-08-12 per CISA CSAF advisory ICSA-25-226-07. Modified 2026-02-25. Advisory republished by CISA based on Siemens ProductCERT SSA-355557.
