PatchSiren cyber security CVE debrief
CVE-2024-53157 Siemens CVE debrief
A vulnerability in the Linux kernel's ARM SCPI (System Control and Power Interface) firmware driver could allow a local attacker to cause a denial of service (kernel crash). The flaw occurs when the SCPI firmware returns an Operating Performance Points (OPP) count of zero, which is not properly validated, leading to a kernel crash. This vulnerability affects Siemens industrial networking products running SINEC OS, specifically the RUGGEDCOM RST2428P and SCALANCE switch families. The issue was disclosed on August 12, 2025, and Siemens has provided firmware updates to address it.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens industrial networking equipment, particularly in critical infrastructure environments. System administrators managing RUGGEDCOM and SCALANCE devices. Security teams responsible for OT/ICS network protection. Organizations with local user access to industrial switches and routers.
Technical summary
The vulnerability exists in the firmware: arm_scpi driver in the Linux kernel. The driver fails to validate the DVFS (Dynamic Voltage and Frequency Scaling) OPP (Operating Performance Points) count returned by SCPI firmware. When the firmware returns an OPP count of zero, the kernel crashes. This is a local vulnerability requiring low privileges to exploit, with no confidentiality or integrity impact but high availability impact. The CVSS 3.1 vector is AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. Affected products include Siemens RUGGEDCOM RST2428P (6GK6242-6PA00), SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family running SINEC OS. Remediation involves updating to firmware version 3.2 or later where available.
Defensive priority
medium
Recommended defensive actions
- Apply vendor-provided firmware updates: Update RUGGEDCOM RST2428P and SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices to version 3.2 or later
- For SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, consult Siemens ProductCERT advisory SSA-355557 for specific update guidance
- Implement defense-in-depth strategies for industrial control systems as recommended by CISA
- Restrict local access to affected devices to authorized personnel only
- Monitor for anomalous system behavior or unexpected reboots that may indicate exploitation attempts
Evidence notes
The vulnerability is documented in CISA advisory ICSA-25-226-07, which references Siemens ProductCERT advisory SSA-355557. The flaw is in the firmware: arm_scpi driver where DVFS OPP count validation is missing. CVSS 3.1 score of 5.5 (MEDIUM) with AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H vector indicates local attack vector with low attack complexity and low privileges required, resulting in high availability impact.
Official resources
-
CVE-2024-53157 CVE record
CVE.org
-
CVE-2024-53157 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12