PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-58058 Siemens CVE debrief

A NULL pointer dereference vulnerability in the UBIFS (Unsorted Block Image File System) implementation of the Linux kernel. The flaw occurs when the TNC (Tree Node Cache) tree dumping routine fails to validate that the zroot pointer is non-NULL before dereferencing it. This can lead to a kernel crash (denial of service) when triggered by a local attacker with low privileges. The vulnerability affects Siemens SIMATIC S7-1500 TM MFP industrial control systems that utilize the GNU/Linux subsystem.

Vendor: Siemens
Product: SIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-04-09
Original CVE updated: 2026-05-14
Advisory published: 2024-04-09
Advisory updated: 2026-05-14

Who should care

Industrial control system operators, OT security teams, and Siemens SIMATIC S7-1500 TM MFP administrators should prioritize this vulnerability. Organizations in manufacturing, process control, and critical infrastructure sectors using this platform are at risk of denial-of-service conditions that could disrupt operational technology environments.

Technical summary

The vulnerability exists in the UBIFS file system implementation within the Linux kernel. Specifically, the TNC tree dumping functionality does not check whether the zroot pointer is NULL before attempting to use it. This NULL pointer dereference can be triggered during file system operations, resulting in a kernel oops or panic. The flaw is classified as CWE-476 (NULL Pointer Dereference). The affected product is the Siemens SIMATIC S7-1500 TM MFP with its GNU/Linux subsystem, commonly deployed in industrial automation environments. No patch is currently available per vendor advisory; mitigation relies on access controls and trusted application sourcing.

Defensive priority

medium

Recommended defensive actions

  • Restrict interactive shell access to the GNU/Linux subsystem to trusted personnel only
  • Build and run applications exclusively from trusted sources
  • Monitor for kernel crashes or unexpected reboots on affected systems
  • Apply vendor patches when Siemens releases firmware updates addressing this vulnerability
  • Implement network segmentation to limit access to industrial control system components
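
For the monitoring action above, the following is an added example (not part of the advisory or of any Siemens or kernel code) that scans kernel log text for NULL pointer dereference oopses whose stack trace contains UBIFS frames. The log excerpt is constructed for illustration, including its frame names and addresses; the function name find_ubifs_null_oops is an assumption of this example.

```python
import re

# Oops headers the kernel prints on a NULL dereference (x86 and arm/arm64 wording).
NULL_DEREF = re.compile(r"BUG: kernel NULL pointer dereference"
                        r"|Unable to handle kernel NULL pointer dereference")
# A stack frame such as " some_function+0x5c/0x1a0 [module]".
FRAME = re.compile(r"\b([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
# Lines that terminate an oops report.
END = re.compile(r"---\[ end trace|Kernel panic - not syncing")


def find_ubifs_null_oops(lines):
    """Return one dict per NULL-dereference oops that has a UBIFS frame in its trace."""
    hits, current = [], None

    def close():
        # Keep the report only if at least one UBIFS frame was seen.
        if current and current["ubifs_frames"]:
            hits.append(current)

    for line in lines:
        if NULL_DEREF.search(line):
            close()  # a new oops started before the previous one was terminated
            current = {"header": line.strip(), "ubifs_frames": []}
        elif current is not None:
            m = FRAME.search(line)
            if m and "ubifs" in line.lower() and m.group(1) not in current["ubifs_frames"]:
                current["ubifs_frames"].append(m.group(1))
            if END.search(line):
                close()
                current = None
    close()  # the log may be cut off by the reboot, with no end marker
    return hits


# Constructed sample: one unrelated oops, then a UBIFS oops truncated by a reboot.
SAMPLE_LOG = """\
[  101.000001] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  101.000050]  example_driver_read+0x1c/0x90 [example_driver]
[  101.000090] ---[ end trace 0000000000000000 ]---
[  412.117301] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[  412.117388] pc : ubifs_dump_tnc+0x5c/0x1a0 [ubifs]
[  412.117420]  ubifs_dump_tnc+0x5c/0x1a0 [ubifs]
[  412.117455]  ubifs_ro_mode+0x54/0x60 [ubifs]
""".splitlines()

if __name__ == "__main__":
    for hit in find_ubifs_null_oops(SAMPLE_LOG):
        print(hit["header"], "->", ", ".join(hit["ubifs_frames"]))
```

The same function can be fed persisted kernel log lines collected from the device; an unexpected reboot with no matching oops still needs separate investigation.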

Evidence notes

CVE published 2024-04-09; CISA advisory ICSA-24-102-01 was published on the same date. The advisory was last modified 2026-05-14, with multiple revision updates through Additional Release 9 (2025-09-09). The CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H confirms a local attack vector with low privileges required, no confidentiality or integrity impact, and high availability impact.
