OTPulse
FeedAboutContact

Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1

Act Now9.8SSA-613116Aug 12, 2025
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

SINEC OS (the operating system in Siemens industrial switches and routers) before version 3.1 contains multiple unpatched vulnerabilities in third-party components. These vulnerabilities span memory corruption, input validation failures, authentication bypass, and resource exhaustion issues. The affected products include RUGGEDCOM RST2428P industrial router and the SCALANCE XCM/XRM/XCH/XRH-300 family of managed Ethernet switches used in industrial networks. An attacker with network access can exploit these vulnerabilities to execute arbitrary code without authentication.

What this means
What could happen
An attacker can remotely execute arbitrary code on your network switches and industrial routers with no authentication required, potentially disrupting network connectivity to critical infrastructure or altering traffic flows to SCADA systems and field devices.
Who's at risk
Water utilities and electric utilities using Siemens SCALANCE XCM, XRM, XCH, or XRH-300 family industrial Ethernet switches, or RUGGEDCOM RST2428P industrial routers in their network infrastructure. These devices are common in water treatment plants, wastewater systems, electric substations, and distributed SCADA networks where they connect PLCs, RTUs, and control centers.
How it could be exploited
An attacker on the network (or with network-level access) sends specially crafted packets or requests to the vulnerable SINEC OS service. The third-party component vulnerabilities allow code execution without requiring valid credentials. Once compromised, the attacker can control the device to intercept, redirect, or block traffic between your control center and RTUs/PLCs.
Prerequisites
  • Network-level access to the affected switch or router on port 80, 443, or other services running on SINEC OS
  • No authentication credentials required for exploitation
Remotely exploitableNo authentication requiredLow complexity attackActively exploited (KEV)Very high EPSS score (86.9%)Affects network infrastructure controlling safety-critical systemsMultiple underlying vulnerabilities in third-party components
Exploitability
Actively exploited — confirmed by CISA KEV
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
RUGGEDCOM RST2428P (6GK6242-6PA00)< 3.13.1
SCALANCE XCM-/XRM-/XCH-/XRH-300 family< 3.13.1
Remediation & Mitigation
0/4
Do now
0/4
RUGGEDCOM RST2428P (6GK6242-6PA00)
HOTFIXUpdate RUGGEDCOM RST2428P (6GK6242-6PA00) to firmware version 3.1 or later
All products
HOTFIXUpdate SCALANCE XCM/XRM/XCH/XRH-300 family switches to SINEC OS version 3.1 or later
WORKAROUNDRestrict network access to management interfaces (SSH, HTTP/HTTPS) of affected switches using firewall rules or ACLs—allow only from trusted engineering workstations or secure administrative subnets
HARDENINGSegment industrial network to isolate critical switches from untrusted network segments pending firmware updates
CVEs (381)
CVE-2021-44879CVE-2022-48655CVE-2022-48772CVE-2022-48935CVE-2023-3567CVE-2023-5178CVE-2023-5678CVE-2023-5717CVE-2023-6040CVE-2023-6121CVE-2023-6606CVE-2023-6931CVE-2023-6932CVE-2023-35827CVE-2023-39198CVE-2023-45863CVE-2023-46343CVE-2023-51779CVE-2023-51780CVE-2023-51781CVE-2023-51782CVE-2023-52340CVE-2023-52433CVE-2023-52435CVE-2023-52475CVE-2023-52477CVE-2023-52478CVE-2023-52486CVE-2023-52502CVE-2023-52504CVE-2023-52507CVE-2023-52509CVE-2023-52510CVE-2023-52581CVE-2023-52583CVE-2023-52587CVE-2023-52594CVE-2023-52595CVE-2023-52597CVE-2023-52598CVE-2023-52599CVE-2023-52600CVE-2023-52601CVE-2023-52602CVE-2023-52603CVE-2023-52604CVE-2023-52606CVE-2023-52607CVE-2023-52615CVE-2023-52617CVE-2023-52619CVE-2023-52622CVE-2023-52623CVE-2023-52637CVE-2023-52654CVE-2023-52655CVE-2023-52670CVE-2023-52753CVE-2023-52764CVE-2023-52774CVE-2023-52784CVE-2023-52789CVE-2023-52791CVE-2023-52796CVE-2023-52799CVE-2023-52804CVE-2023-52805CVE-2023-52806CVE-2023-52809CVE-2023-52810CVE-2023-52813CVE-2023-52817CVE-2023-52818CVE-2023-52819CVE-2023-52832CVE-2023-52835CVE-2023-52836CVE-2023-52838CVE-2023-52840CVE-2023-52843CVE-2023-52845CVE-2023-52847CVE-2023-52853CVE-2023-52855CVE-2023-52858CVE-2023-52864CVE-2023-52865CVE-2023-52867CVE-2023-52868CVE-2023-52871CVE-2023-52873CVE-2023-52875CVE-2023-52876CVE-2023-52879CVE-2023-52881CVE-2023-52882CVE-2023-52887CVE-2023-52918CVE-2023-52919CVE-2024-0193CVE-2024-0584CVE-2024-0646CVE-2024-0841CVE-2024-1086CVE-2024-2511CVE-2024-4603CVE-2024-4741CVE-2024-5535CVE-2024-6119CVE-2024-6232CVE-2024-25741CVE-2024-26581CVE-2024-26593CVE-2024-26598CVE-2024-26600CVE-2024-26602CVE-2024-26606CVE-2024-26615CVE-2024-26625CVE-2024-26635CVE-2024-26636CVE-2024-26645CVE-2024-26663CVE-2024-26664CVE-2024-26671CVE-2024-26673CVE-2024-26675CVE-2024-26679CVE-2024-26684CVE-2024-26685CVE-2024-26688CVE-2024-26696CVE-2024-26697CVE-2024-26702CVE-2024-26704CVE-2024-26720CVE-2024-26722CVE-2024-26735CVE-2024-26736CVE-2024-26748CVE-2024-26749CVE-2024-26751CVE-2024-26752CVE-2024-26754CVE-2024-26763CVE-2024-26764CVE-2024-26766CVE-2024-26772CVE-2024-26773CVE-2024-26777CVE-2024-26778CVE-2024-26779CVE-2024-26788CVE-2024-26790CVE-2024-26791CVE-2024-26793CVE-2024-26801CVE-2024-26804CVE-2024-26805CVE-2024-26825CVE-2024-26835CVE-2024-26839CVE-2024-26840CVE-2024-26845CVE-2024-26900CVE-2024-26910CVE-2024-26923CVE-2024-26924CVE-2024-26926CVE-2024-26988CVE-2024-26993CVE-2024-26994CVE-2024-26997CVE-2024-26999CVE-2024-27000CVE-2024-27001CVE-2024-27004CVE-2024-27013CVE-2024-27019CVE-2024-27020CVE-2024-27395CVE-2024-27396CVE-2024-27405CVE-2024-27410CVE-2024-27412CVE-2024-27413CVE-2024-27414CVE-2024-27416CVE-2024-27417CVE-2024-31076CVE-2024-33621CVE-2024-34397CVE-2024-35247CVE-2024-35833CVE-2024-35835CVE-2024-35847CVE-2024-35848CVE-2024-35852CVE-2024-35853CVE-2024-35854CVE-2024-35855CVE-2024-35947CVE-2024-35955CVE-2024-35958CVE-2024-35960CVE-2024-35962CVE-2024-35969CVE-2024-35973CVE-2024-35976CVE-2024-35983CVE-2024-35984CVE-2024-35990CVE-2024-35996CVE-2024-36005CVE-2024-36006CVE-2024-36007CVE-2024-36008CVE-2024-36015CVE-2024-36016CVE-2024-36017CVE-2024-36031CVE-2024-36270CVE-2024-36286CVE-2024-36288CVE-2024-36484CVE-2024-36489CVE-2024-36883CVE-2024-36886CVE-2024-36889CVE-2024-36901CVE-2024-36902CVE-2024-36904CVE-2024-36905CVE-2024-36916CVE-2024-36929CVE-2024-36933CVE-2024-36934CVE-2024-36938CVE-2024-36940CVE-2024-36946CVE-2024-36954CVE-2024-36957CVE-2024-36959CVE-2024-36964CVE-2024-36971CVE-2024-36974CVE-2024-36978CVE-2024-37356CVE-2024-38381CVE-2024-38555CVE-2024-38558CVE-2024-38578CVE-2024-38579CVE-2024-38586CVE-2024-38587CVE-2024-38589CVE-2024-38590CVE-2024-38596CVE-2024-38597CVE-2024-38598CVE-2024-38601CVE-2024-38612CVE-2024-38615CVE-2024-38619CVE-2024-38627CVE-2024-38633CVE-2024-38634CVE-2024-38637CVE-2024-38659CVE-2024-38662CVE-2024-38780CVE-2024-39276CVE-2024-39292CVE-2024-39301CVE-2024-39468CVE-2024-39475CVE-2024-39476CVE-2024-39480CVE-2024-39482CVE-2024-39487CVE-2024-39489CVE-2024-39493CVE-2024-39495CVE-2024-39499CVE-2024-39502CVE-2024-39503CVE-2024-39506CVE-2024-40904CVE-2024-40905CVE-2024-40931CVE-2024-40945CVE-2024-40947CVE-2024-40958CVE-2024-40959CVE-2024-40960CVE-2024-40961CVE-2024-40980CVE-2024-40983CVE-2024-40984CVE-2024-40990CVE-2024-40995CVE-2024-41000CVE-2024-41004CVE-2024-41005CVE-2024-41006CVE-2024-41007CVE-2024-41009CVE-2024-41012CVE-2024-41020CVE-2024-41035CVE-2024-41040CVE-2024-41041CVE-2024-41044CVE-2024-41046CVE-2024-41049CVE-2024-41055CVE-2024-41077CVE-2024-41081CVE-2024-41087CVE-2024-41090CVE-2024-41091CVE-2024-41097CVE-2024-42070CVE-2024-42076CVE-2024-42082CVE-2024-42084CVE-2024-42086CVE-2024-42089CVE-2024-42092CVE-2024-42093CVE-2024-42094CVE-2024-42095CVE-2024-42102CVE-2024-42106CVE-2024-42131CVE-2024-42145CVE-2024-42148CVE-2024-42152CVE-2024-42153CVE-2024-42154CVE-2024-42161CVE-2024-42223CVE-2024-42229CVE-2024-42232CVE-2024-42236CVE-2024-42244CVE-2024-42247CVE-2024-43861CVE-2024-43871CVE-2024-43880CVE-2024-43882CVE-2024-43883CVE-2024-43889CVE-2024-43890CVE-2024-43893CVE-2024-44935CVE-2024-44944CVE-2024-44949CVE-2024-44960CVE-2024-44971CVE-2024-44987CVE-2024-44989CVE-2024-44990CVE-2024-44995CVE-2024-44998CVE-2024-44999CVE-2024-45003CVE-2024-45006CVE-2024-45008CVE-2024-45021CVE-2024-45025CVE-2024-45490CVE-2024-45491CVE-2024-45492CVE-2024-46674CVE-2024-46675CVE-2024-46676CVE-2024-46677CVE-2024-46679CVE-2024-46685CVE-2024-46689
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/92fafa5b-b9e7-4466-882a-ece3505d24ab
Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 | CVSS 9.8 - OTPulse