PatchSiren cyber security CVE debrief

CVE-2025-21692 Siemens CVE debrief

CVE-2025-21692 is a high-severity vulnerability (CVSS 7.8) in the Linux kernel's network traffic scheduler, specifically affecting the Enhanced Transmission Selection (ETS) queuing discipline (qdisc). The flaw involves out-of-bounds (OOB) indexing in the ETS qdisc implementation, which could allow a local attacker with low privileges to achieve high-impact consequences including confidentiality breach, integrity compromise, and system availability loss. The vulnerability was published on August 12, 2025, and affects Siemens industrial networking products that incorporate the vulnerable Linux kernel component, specifically the RUGGEDCOM RST2428P and multiple SCALANCE product families. Siemens has issued security advisory SSA-355557 addressing this vulnerability, with remediation requiring updates to version 3.2 or later for affected products. The vulnerability is classified under CWE-129 (Improper Validation of Array Index) and requires local access with low attack complexity, making it particularly relevant for multi-user industrial systems where privilege escalation scenarios may exist.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-04-09
Original CVE updated: 2026-05-14
Advisory published: 2024-04-09
Advisory updated: 2026-05-14

Who should care

Organizations operating Siemens RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, or SCALANCE XCM-/XRM-/XCH-/XRH-300 family industrial networking equipment in operational technology environments. This includes critical infrastructure operators in energy, manufacturing, transportation, and water/wastewater sectors where these devices provide network backbone connectivity. Security teams responsible for industrial control system patch management and vulnerability response should prioritize assessment of affected device inventories.

Technical summary

The vulnerability exists in the Linux kernel's net/sched subsystem, specifically within the Enhanced Transmission Selection (ETS) queuing discipline implementation. ETS is a quality-of-service mechanism defined in IEEE 802.1Qaz for managing bandwidth allocation across traffic classes. The OOB indexing flaw suggests improper bounds checking when accessing internal data structures during queue management operations. With CVSS vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, exploitation requires local access but yields complete system compromise. The vulnerability affects Siemens industrial Ethernet switches running SINEC OS that incorporate the vulnerable kernel version. Remediation involves firmware updates to version 3.2 or later, which presumably contains patched kernel components or configuration mitigations.

Defensive priority

HIGH

Recommended defensive actions

Apply vendor-provided firmware updates to version 3.2 or later for affected Siemens RUGGEDCOM RST2428P and SCALANCE product families as specified in Siemens security advisory SSA-355557
Review and implement CISA recommended practices for industrial control systems defense in depth strategies
Validate network segmentation configurations to limit local access vectors for potential exploitation
Monitor for anomalous privilege escalation attempts on affected industrial networking devices
Establish patch management procedures for third-party Linux kernel components in operational technology environments
resourceLinkAnnotations:ref-4,ref-5,ref-6,ref-8

Evidence notes

Vulnerability description sourced from CISA ICS advisory ICSA-25-226-07 and Siemens ProductCERT SSA-355557. CVSS vector confirms local attack vector with high impact across confidentiality, integrity, and availability. Affected products identified through CSAF product tree with three confirmed Siemens product families. Remediation guidance specifies version 3.2 or later as the vendor fix.

Official resources

2025-08-12