OTPulse

Siemens Third-Party Components in SINEC OS

Act NowCVSS 9.1ICS-CERT ICSA-25-226-07Aug 12, 2025
Siemens
Attack path
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

SINEC OS before V3.2 contains multiple vulnerabilities in third-party components, including input validation flaws and memory safety issues. These affect RUGGEDCOM RST2428P and SCALANCE XC/XR/XCM/XRM/XCH/XRH series network devices. The vulnerabilities allow remote attackers without credentials to cause denial of service (device crash) or disclose sensitive information. Siemens has released SINEC OS V3.2 with fixes for all affected products.

What this means
What could happen
Multiple unpatched vulnerabilities in critical network infrastructure equipment could allow an attacker to remotely crash devices or extract sensitive information without authentication, causing loss of network connectivity or visibility across your plant.
Who's at risk
This affects network infrastructure devices that provide industrial connectivity: RUGGEDCOM industrial routers, SCALANCE managed switches and wireless access points. These are commonly used in water authority and electric utility networks to connect PLCs, RTUs, and control systems across substations and treatment plants. Organizations running any version of SINEC OS before 3.2 on these devices are at risk.
How it could be exploited
An attacker on the network (or from the internet if the device is exposed) can send malformed packets or specially crafted requests to the device running SINEC OS. The device will process these without proper validation due to the third-party component flaws, allowing the attacker to either crash it (denial of service) or read memory containing sensitive data.
Prerequisites
  • Network access to the device on its management or protocol ports (no authentication required)
  • Device is reachable from an untrusted network or the internet
remotely exploitableno authentication requiredlow complexityactively exploited (KEV)affects critical infrastructure
Exploitability
Actively exploited — confirmed by CISA KEV
Public Proof-of-Concept (PoC) on GitHub (5 repositories)
Affected products (3)
3 with fix
ProductAffected VersionsFix Status
RUGGEDCOM RST2428P (6GK6242-6PA00)< 3.23.2
SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family< 3.23.2
SCALANCE XCM-/XRM-/XCH-/XRH-300 family< 3.23.2
Remediation & Mitigation
0/4
Do now
0/2
HOTFIXUpdate RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500, and SCALANCE XCM-/XRM-/XCH-/XRH-300 devices to SINEC OS version 3.2 or later
WORKAROUNDRestrict network access to affected devices by applying firewall rules to block inbound traffic on management ports (e.g., SSH, HTTP/HTTPS, SNMP) from untrusted networks
Long-term hardening
0/2
HARDENINGIsolate these network devices on a separate industrial network segment, not directly accessible from office/IT networks or the internet
HARDENINGIf remote management is required, implement a VPN gateway and ensure remote access users authenticate before reaching the device
CVEs (486)
CVE-2024-50602CVE-2024-9681CVE-2024-8176CVE-2021-47316CVE-2022-48666CVE-2022-48827CVE-2022-48828CVE-2022-48829CVE-2022-49034CVE-2023-4039CVE-2023-52887CVE-2023-52918CVE-2024-6197CVE-2024-6874CVE-2024-7264CVE-2024-36484CVE-2024-36894CVE-2024-36901CVE-2024-36938CVE-2024-36974CVE-2024-36978CVE-2024-37078CVE-2024-38586CVE-2024-38619CVE-2024-39468CVE-2024-39469CVE-2024-39482CVE-2024-39484CVE-2024-39487CVE-2024-39495CVE-2024-39499CVE-2024-39502CVE-2024-39503CVE-2024-39505CVE-2024-39506CVE-2024-39509CVE-2024-40901CVE-2024-40902CVE-2024-40904CVE-2024-40905CVE-2024-40912CVE-2024-40916CVE-2024-40929CVE-2024-40931CVE-2024-40932CVE-2024-40934CVE-2024-40941CVE-2024-40942CVE-2024-40943CVE-2024-40945CVE-2024-40947CVE-2024-40958CVE-2024-40959CVE-2024-40960CVE-2024-40961CVE-2024-40963CVE-2024-40968CVE-2024-40971CVE-2024-40974CVE-2024-40976CVE-2024-40978CVE-2024-40980CVE-2024-40981CVE-2024-40983CVE-2024-40984CVE-2024-40987CVE-2024-40988CVE-2024-40990CVE-2024-40995CVE-2024-41000CVE-2024-41004CVE-2024-41005CVE-2024-41006CVE-2024-41007CVE-2024-41009CVE-2024-41012CVE-2024-41015CVE-2024-41017CVE-2024-41020CVE-2024-41022CVE-2024-41034CVE-2024-41035CVE-2024-41040CVE-2024-41041CVE-2024-41044CVE-2024-41046CVE-2024-41049CVE-2024-41055CVE-2024-41059CVE-2024-41063CVE-2024-41064CVE-2024-41065CVE-2024-41068CVE-2024-41070CVE-2024-41072CVE-2024-41077CVE-2024-41078CVE-2024-41081CVE-2024-41087CVE-2024-41089CVE-2024-41090CVE-2024-41091CVE-2024-41092CVE-2024-41095CVE-2024-41097CVE-2024-42076CVE-2024-42077CVE-2024-42082CVE-2024-42084CVE-2024-42086CVE-2024-42087CVE-2024-42092CVE-2024-42093CVE-2024-42094CVE-2024-42095CVE-2024-42101CVE-2024-42105CVE-2024-42145CVE-2024-42148CVE-2024-42152CVE-2024-42153CVE-2024-42154CVE-2024-42161CVE-2024-42223CVE-2024-42224CVE-2024-42229CVE-2024-42232CVE-2024-42236CVE-2024-42244CVE-2024-42247CVE-2024-43098CVE-2024-43861CVE-2024-43867CVE-2024-43871CVE-2024-43879CVE-2024-43880CVE-2024-43882CVE-2024-43883CVE-2024-43889CVE-2024-43890CVE-2024-43893CVE-2024-43894CVE-2024-43907CVE-2024-43908CVE-2024-43914CVE-2024-44935CVE-2024-44944CVE-2024-44949CVE-2024-44954CVE-2024-44960CVE-2024-44965CVE-2024-44969CVE-2024-44971CVE-2024-44987CVE-2024-44988CVE-2024-44989CVE-2024-44990CVE-2024-44995CVE-2024-44998CVE-2024-44999CVE-2024-45003CVE-2024-45006CVE-2024-45008CVE-2024-45021CVE-2024-45025CVE-2024-46673CVE-2024-46674CVE-2024-46675CVE-2024-46676CVE-2024-46677CVE-2024-46679CVE-2024-46685CVE-2024-46689CVE-2024-46702CVE-2024-46707CVE-2024-46713CVE-2024-46714CVE-2024-46719CVE-2024-46721CVE-2024-46722CVE-2024-46723CVE-2024-46724CVE-2024-46725CVE-2024-46731CVE-2024-46737CVE-2024-46738CVE-2024-46739CVE-2024-46740CVE-2024-46743CVE-2024-46744CVE-2024-46745CVE-2024-46747CVE-2024-46750CVE-2024-46755CVE-2024-46759CVE-2024-46761CVE-2024-46763CVE-2024-46771CVE-2024-46777CVE-2024-46780CVE-2024-46781CVE-2024-46782CVE-2024-46783CVE-2024-46791CVE-2024-46798CVE-2024-46800CVE-2024-46804CVE-2024-46814CVE-2024-46815CVE-2024-46817CVE-2024-46818CVE-2024-46819CVE-2024-46822CVE-2024-46828CVE-2024-46829CVE-2024-46832CVE-2024-46840CVE-2024-46844CVE-2024-47143CVE-2024-47659CVE-2024-47660CVE-2024-47663CVE-2024-47667CVE-2024-47668CVE-2024-47669CVE-2024-47679CVE-2024-47684CVE-2024-47685CVE-2024-47692CVE-2024-47696CVE-2024-47697CVE-2024-47698CVE-2024-47699CVE-2024-47701CVE-2024-47705CVE-2024-47706CVE-2024-47709CVE-2024-47710CVE-2024-47712CVE-2024-47713CVE-2024-47718CVE-2024-47723CVE-2024-47735CVE-2024-47737CVE-2024-47739CVE-2024-47740CVE-2024-47742CVE-2024-47747CVE-2024-47748CVE-2024-47749CVE-2024-47756CVE-2024-47757CVE-2024-48881CVE-2024-49851CVE-2024-49858CVE-2024-49860CVE-2024-49863CVE-2024-49867CVE-2024-49868CVE-2024-49875CVE-2024-49877CVE-2024-49878CVE-2024-49879CVE-2024-49881CVE-2024-49882CVE-2024-49883CVE-2024-49884CVE-2024-49889CVE-2024-49890CVE-2024-49892CVE-2024-49894CVE-2024-49895CVE-2024-49896CVE-2024-49900CVE-2024-49901CVE-2024-49902CVE-2024-49903CVE-2024-49907CVE-2024-49913CVE-2024-49924CVE-2024-49930CVE-2024-49933CVE-2024-49936CVE-2024-49938CVE-2024-49944CVE-2024-49948CVE-2024-49949CVE-2024-49952CVE-2024-49955CVE-2024-49957CVE-2024-49958CVE-2024-49959CVE-2024-49962CVE-2024-49963CVE-2024-49965CVE-2024-49966CVE-2024-49969CVE-2024-49971CVE-2024-49973CVE-2024-49975CVE-2024-49977CVE-2024-49981CVE-2024-49982CVE-2024-49983CVE-2024-49985CVE-2024-49997CVE-2024-50001CVE-2024-50006CVE-2024-50007CVE-2024-50008CVE-2024-50013CVE-2024-50015CVE-2024-50024CVE-2024-50033CVE-2024-50035CVE-2024-50039CVE-2024-50040CVE-2024-50044CVE-2024-50045CVE-2024-50046CVE-2024-50049CVE-2024-50051CVE-2024-50059CVE-2024-50074CVE-2024-50082CVE-2024-50083CVE-2024-50095CVE-2024-50096CVE-2024-50099CVE-2024-50179CVE-2024-50180CVE-2024-50184CVE-2024-50185CVE-2024-50188CVE-2024-50193CVE-2024-50194CVE-2024-50195CVE-2024-50198CVE-2024-50199CVE-2024-50201CVE-2024-50202CVE-2024-50218CVE-2024-50234CVE-2024-50236CVE-2024-50237CVE-2024-50251CVE-2024-50262CVE-2024-50264CVE-2024-50265CVE-2024-50267CVE-2024-50268CVE-2024-50269CVE-2024-50273CVE-2024-50278CVE-2024-50279CVE-2024-50282CVE-2024-50287CVE-2024-50290CVE-2024-50292CVE-2024-50295CVE-2024-50296CVE-2024-50299CVE-2024-50301CVE-2024-50302CVE-2024-50304CVE-2024-52332CVE-2024-53052CVE-2024-53057CVE-2024-53059CVE-2024-53060CVE-2024-53061CVE-2024-53063CVE-2024-53066CVE-2024-53097CVE-2024-53101CVE-2024-53103CVE-2024-53104CVE-2024-53145CVE-2024-53146CVE-2024-53148CVE-2024-53150CVE-2024-53155CVE-2024-53156CVE-2024-53157CVE-2024-53158CVE-2024-53161CVE-2024-53165CVE-2024-53171CVE-2024-53172CVE-2024-53173CVE-2024-53174CVE-2024-53181CVE-2024-53183CVE-2024-53184CVE-2024-53194CVE-2024-53197CVE-2024-53198CVE-2024-53214CVE-2024-53217CVE-2024-53226CVE-2024-53227CVE-2024-53237CVE-2024-53239CVE-2024-53240CVE-2024-53241CVE-2024-53680CVE-2024-56531CVE-2024-56532CVE-2024-56533CVE-2024-56539CVE-2024-56548CVE-2024-56558CVE-2024-56562CVE-2024-56567CVE-2024-56568CVE-2024-56569CVE-2024-56570CVE-2024-56572CVE-2024-56574CVE-2024-56576CVE-2024-56581CVE-2024-56586CVE-2024-56587CVE-2024-56589CVE-2024-56593CVE-2024-56594CVE-2024-56595CVE-2024-56596CVE-2024-56597CVE-2024-56598CVE-2024-56600CVE-2024-56601CVE-2024-56602CVE-2024-56603CVE-2024-56605CVE-2024-56606CVE-2024-56610CVE-2024-56615CVE-2024-56619CVE-2024-56623CVE-2024-56629CVE-2024-56630CVE-2024-56633CVE-2024-56634CVE-2024-56636CVE-2024-56637CVE-2024-56642CVE-2024-56643CVE-2024-56644CVE-2024-56645CVE-2024-56648CVE-2024-56650CVE-2024-56659CVE-2024-56661CVE-2024-56662CVE-2024-56670CVE-2024-56681CVE-2024-56688CVE-2024-56690CVE-2024-56691CVE-2024-56698CVE-2024-56700CVE-2024-56701CVE-2024-56704CVE-2024-56705CVE-2024-56720CVE-2024-56723CVE-2024-56724CVE-2024-56728CVE-2024-56739CVE-2024-56746CVE-2024-56747CVE-2024-56748CVE-2024-56754CVE-2024-56756CVE-2024-56770CVE-2024-56779CVE-2024-56780CVE-2024-56785CVE-2024-57874CVE-2024-57951CVE-2025-21687CVE-2025-21689CVE-2025-21692CVE-2025-21694CVE-2025-21699
View full CISA ICS-CERT advisory
API: /api/v1/advisories/a66aa184-d734-4f8a-af4c-cf9128e4d3b1

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.