PatchSiren cyber security CVE debrief
CVE-2024-58014 Siemens CVE debrief
CVE-2024-58014 is a medium-severity vulnerability (CVSS 6.0) affecting the brcmsmac Wi-Fi driver in the Linux kernel, specifically within the `wlc_phy_iqcal_gainparams_nphy()` function. The issue involves a missing gain range check that could lead to out-of-bounds access or improper calibration parameters. Siemens has identified this vulnerability as affecting the GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP industrial control system. The vulnerability was published on April 9, 2024, and the advisory has been actively maintained with multiple updates through September 2025, indicating ongoing monitoring and additional CVE additions to the same advisory bundle. As of the latest advisory revision, no patch is available from Siemens for this specific product. The vulnerability requires local access and high privileges to exploit, with potential impacts to confidentiality and availability. Organizations should implement access controls and trusted source policies as interim mitigations.
- Vendor
- Siemens
- Product
- SIMATIC S7-1500 TM MFP - GNU/Linux subsystem
- CVSS
- MEDIUM 6
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-04-09
- Original CVE updated
- 2026-05-14
- Advisory published
- 2024-04-09
- Advisory updated
- 2026-05-14
Who should care
Industrial control system operators using Siemens SIMATIC S7-1500 TM MFP with the GNU/Linux subsystem enabled; OT security teams managing embedded Linux environments; organizations with defense-in-depth requirements for critical infrastructure.
Technical summary
The vulnerability exists in the brcmsmac (Broadcom 802.11n Wireless LAN driver) within the Linux kernel's PHY calibration code. The `wlc_phy_iqcal_gainparams_nphy()` function lacks proper validation of gain parameters, potentially allowing out-of-bounds access when processing calibration data. This affects the GNU/Linux subsystem embedded in Siemens SIMATIC S7-1500 TM MFP devices. The vulnerability is locally exploitable with high privileges required, limiting attack surface to authenticated users with shell access to the Linux subsystem.
Defensive priority
medium
Recommended defensive actions
- Limit interactive shell access to the GNU/Linux subsystem to trusted personnel only
- Only build and run applications from trusted sources
- Monitor for future security updates from Siemens ProductCERT
- Apply defense-in-depth strategies for industrial control systems
- Review and implement ICS-CERT recommended practices for network segmentation
Evidence notes
The vulnerability description indicates this is a Linux kernel Wi-Fi driver issue (brcmsmac) affecting a gain range check. The Siemens product uses an embedded GNU/Linux subsystem, making it susceptible to this kernel-level vulnerability. The CVSS vector confirms local attack vector with high privileges required.
Official resources
-
CVE-2024-58014 CVE record
CVE.org
-
CVE-2024-58014 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
This vulnerability was disclosed through coordinated disclosure via CISA and Siemens ProductCERT. The advisory ICSA-24-102-01 was initially published on April 9, 2024, and has undergone ten revision cycles, with the most recent update on or