PatchSiren cyber security CVE debrief
CVE-2024-53161 Siemens CVE debrief
CVE-2024-53161 is a medium-severity integer overflow vulnerability in the EDAC/bluefield kernel component affecting Siemens industrial networking products. The flaw stems from a 32-bit mem_ctrl_idx variable being left-shifted by 16 bits when constructing a 64-bit SMC (Secure Monitor Call) argument for retrieving DIMM information. The shift truncates the value, losing its upper 16 bits and potentially leading to incorrect memory controller indexing. The vulnerability was published on August 12, 2025, and last modified on February 25, 2026, when CISA republished the advisory based on updated Siemens ProductCERT guidance. Siemens has released firmware updates to address this issue.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: MEDIUM 6.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, SCALANCE XCM-/XRM-/XCH-/XRH-300 family, or RUGGEDCOM RST2428P industrial Ethernet switches in critical infrastructure environments, particularly those in manufacturing, energy, transportation, and other OT/ICS sectors where device availability is paramount.
Technical summary
The vulnerability exists in the Error Detection and Correction (EDAC) driver for BlueField platforms, specifically in the construction of a 64-bit argument for the get DIMM info SMC call. The mem_ctrl_idx variable, when defined as 32-bit, loses its upper 16 bits during a left-shift operation of 16 bits. This truncation can result in incorrect memory controller identification, potentially causing system instability or denial of service conditions. The fix requires defining mem_ctrl_idx as 64-bit to preserve all data during the shift operation. The vulnerability is exploitable locally with low privileges and does not require user interaction.
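The truncation and its fix, as an added C example (not code from the Siemens advisory or from the kernel driver). The function names, the sample index values and the use of the low 16 bits for a DIMM slot number are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed argument layout: controller index in bits 16 and up,
 * a DIMM slot number (hypothetical field) in bits 0-15. */

/* Before: the shift is evaluated in 32-bit arithmetic, so bits 16-31 of
 * mem_ctrl_idx are shifted out before the result is widened to 64 bits. */
static uint64_t smc_arg_narrow(uint32_t mem_ctrl_idx, uint16_t dimm_idx)
{
    uint32_t shifted = mem_ctrl_idx << 16;   /* wraps modulo 2^32 */
    return (uint64_t)(shifted | dimm_idx);
}

/* After: widen to 64 bits first, then shift, so no bits are lost. */
static uint64_t smc_arg_wide(uint32_t mem_ctrl_idx, uint16_t dimm_idx)
{
    uint64_t idx = mem_ctrl_idx;
    return (idx << 16) | dimm_idx;
}

/* What the receiver of the argument would decode as the controller index. */
static uint64_t smc_arg_ctrl_idx(uint64_t arg)
{
    return arg >> 16;
}

int main(void)
{
    /* Constructed sample indices: the first three fit in 16 bits, the rest do not. */
    const uint32_t samples[] = { 0x0, 0x1, 0xFFFF, 0x10000, 0x12345 };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uint64_t n = smc_arg_narrow(samples[i], 3);
        uint64_t w = smc_arg_wide(samples[i], 3);
        printf("idx=0x%05" PRIx32 " narrow=0x%09" PRIx64 " wide=0x%09" PRIx64 " %s\n",
               samples[i], n, w,
               smc_arg_ctrl_idx(n) == samples[i] ? "ok" : "WRONG CONTROLLER");
    }
    return 0;
}
```

Indices that fit in 16 bits produce identical arguments in both versions, which is why a defect of this kind can pass testing on hardware with few memory controllers.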
Defensive priority
medium
Recommended defensive actions
- Apply vendor-provided firmware updates to V3.2 or later for affected RUGGEDCOM RST2428P and SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices
- For SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, consult Siemens ProductCERT advisory SSA-355557 for specific configuration guidance and update paths
- Implement network segmentation for industrial control systems to limit local access to affected devices
- Monitor for anomalous behavior in memory controller operations on affected systems
- Review and apply CISA ICS recommended practices for defense-in-depth strategies
- Verify firmware integrity through Siemens official support channels before deployment
Evidence notes
The vulnerability description is derived from the CISA CSAF advisory ICSA-25-226-07, which references Siemens ProductCERT advisory SSA-355557. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H) indicates local attack vector with low attack complexity, requiring low privileges, with high availability impact but no confidentiality impact and low integrity impact. The affected products are confirmed through the CSAF product tree with high confidence.
Official resources
- CVE-2024-53161 CVE record (CVE.org)
- CVE-2024-53161 NVD detail (NVD)
- Source item URL (cisa_csaf)
2025-08-12