Siemens SINEC OS

Low RiskCVSS 3.1ICS-CERT ICSA-25-254-04Sep 9, 2025

Siemens

Attack path

Attack VectorAdjacent

Auth RequiredNone

ComplexityHigh

User InteractionNone needed

Summary

RUGGEDCOM RST2428P devices are affected by vulnerabilities associated with open UDP ports that permit unauthenticated access to non-sensitive information and potential temporary denial of service. Siemens is not planning fixes for this end-of-life product and recommends network protection mechanisms and adherence to operational security guidelines.

What this means

What could happen

An attacker on your local network could access non-sensitive information from the RUGGEDCOM device without authentication, or temporarily disrupt its network availability, but cannot compromise operational integrity.

Who's at risk

Network equipment operators and water/electric utilities running RUGGEDCOM RST2428P industrial switches in networked deployments should be concerned. This affects the connectivity layer of your ICS—while damage is limited to information disclosure or temporary outages, repeated attacks could interrupt plant network services.

How it could be exploited

An attacker with access to your local network (same LAN segment) sends crafted UDP packets to open ports on the RUGGEDCOM RST2428P. The device responds with non-sensitive data or experiences service degradation without requiring credentials or complex exploitation techniques.

Prerequisites

Local network access (same LAN segment as RUGGEDCOM device)
No authentication required
Knowledge of open UDP ports on the device

No authentication requiredNo patch available (end-of-life product)Low complexity attackAffects network infrastructure

Exploitability

Unlikely to be exploited — EPSS score 0.0%

Affected products (1)

ProductAffected VersionsFix Status

RUGGEDCOM RST2428P (6GK6242-6PA00)All versionsNo fix (EOL)

Remediation & Mitigation

0/3

Do now

0/1

HARDENINGRestrict network access to RUGGEDCOM RST2428P from untrusted network segments using firewall rules or network segmentation (restrict traffic on UDP ports to authorized devices only)

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HARDENINGMonitor network traffic to and from RUGGEDCOM devices for unauthorized access attempts on UDP ports

Mitigations - no patch available

0/1

RUGGEDCOM RST2428P (6GK6242-6PA00) has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:

HARDENINGIsolate RUGGEDCOM devices to a dedicated, physically or logically segmented network zone with access controls

CVEs (2)

CVE-2025-40802 CVE-2025-40803

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/be64a738-a8b9-49f9-8685-c7968256712d

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.