PatchSiren cyber security CVE debrief
CVE-2024-58051 Siemens CVE debrief
CVE-2024-58051 is a medium-severity vulnerability (CVSS 3.1: 5.5) in the Linux kernel's IPMI IPMB driver, affecting the Siemens SIMATIC S7-1500 TM MFP industrial control system's GNU/Linux subsystem. The flaw involves a missing null pointer check on the return value of devm_kasprintf(), which can lead to a denial-of-service condition when memory allocation fails. Published on 2024-04-09 and last modified on 2026-05-14, this vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog. The affected product is the SIMATIC S7-1500 TM MFP's additional GNU/Linux subsystem, which provides an embedded Linux environment for running custom applications alongside the primary PLC runtime. No patch is currently available from Siemens.
- Vendor
- Siemens
- Product
- SIMATIC S7-1500 TM MFP - GNU/Linux subsystem
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-04-09
- Original CVE updated
- 2026-05-14
- Advisory published
- 2024-04-09
- Advisory updated
- 2026-05-14
Who should care
Industrial control system operators, OT security engineers, and asset owners deploying Siemens SIMATIC S7-1500 TM MFP modules in manufacturing, process control, or critical infrastructure environments. Organizations utilizing the GNU/Linux subsystem for custom edge applications should prioritize access controls until a patch becomes available.
Technical summary
The vulnerability exists in the IPMI IPMB (Intelligent Platform Management Interface - IP Management Bus) driver within the Linux kernel. The devm_kasprintf() function, which allocates memory and formats a string, can return NULL on allocation failure. The driver fails to check this return value before dereferencing the pointer, leading to a null pointer dereference and potential system crash. This affects the GNU/Linux subsystem of the Siemens SIMATIC S7-1500 TM MFP, an industrial PC module that combines PLC functionality with an embedded Linux environment for edge computing applications. The local attack vector requires an attacker to have low-privilege access to the Linux subsystem to trigger the vulnerable code path.
Defensive priority
medium
Recommended defensive actions
- Restrict interactive shell access to the GNU/Linux subsystem to trusted personnel only
- Build and run applications exclusively from trusted sources
- Monitor for future Siemens security advisories regarding patch availability
- Apply defense-in-depth strategies for industrial control system environments
- Review and implement CISA ICS recommended practices for securing embedded Linux subsystems in OT environments
Evidence notes
Vulnerability description and affected product confirmed through CISA CSAF advisory ICSA-24-102-01. CVSS vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H indicates local attack vector with low attack complexity, requiring low privileges, resulting in high availability impact. The flaw is classified under CWE-20 (Improper Input Validation). Remediation guidance indicates no fix is currently available.
Official resources
-
CVE-2024-58051 CVE record
CVE.org
-
CVE-2024-58051 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-04-09