PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-56691 Siemens CVE debrief

CVE-2024-56691 is a medium-severity vulnerability (CVSS 5.5) affecting the Intel SoC PMIC BXTWC driver in the Linux kernel. The flaw stems from implementation issues in converting the driver to use IRQ domain hierarchy for USB Type-C device handling. While the design approach was sound, the execution contained inherited flaws that could lead to denial of service conditions. Siemens has identified this vulnerability as affecting multiple industrial networking product families including RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family. The vulnerability was published on August 12, 2025, with the advisory last modified on February 25, 2026. This CVE is not listed in CISA's Known Exploited Vulnerabilities catalog.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2026-02-25
Advisory published: 2025-08-12
Advisory updated: 2026-02-25

Who should care

Organizations operating Siemens industrial networking equipment including RUGGEDCOM RST2428P switches and SCALANCE XC/XR/XCM/XRM/XCH/XRH series switches in industrial control system environments. System administrators responsible for Linux kernel security on Intel Broxton-based platforms should also monitor this vulnerability.

Technical summary

The vulnerability exists in the mfd/intel_soc_pmic_bxtwc driver which handles power management for Intel Broxton SoC platforms. The driver's conversion to use IRQ domain hierarchy for USB Type-C device interrupt handling contains implementation flaws that could result in system instability or denial of service. The CVSS 3.1 score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) indicates a local attack vector where an attacker with low privileges could cause high availability impact without user interaction. The confidentiality and integrity impacts are rated as none.

Defensive priority

medium

Recommended defensive actions

  • Apply vendor-provided updates: Update RUGGEDCOM RST2428P and SCALANCE XCM-/XRM-/XCH-/XRH-300 family to V3.2 or later
  • For SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, consult Siemens advisory for specific update guidance
  • Follow CISA ICS recommended practices for defense-in-depth strategies
  • Monitor Siemens ProductCERT advisory SSA-355557 for additional remediation guidance

Evidence notes

Vulnerability description and affected products confirmed through CISA CSAF advisory ICSA-25-226-07, which references Siemens ProductCERT advisory SSA-355557. CVSS vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H indicates local attack vector with low attack complexity, low privileges required, no user interaction, and high availability impact.
