Detections
Analytics
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40278)
medium Tenable OT Security Plugin ID 505395
Synopsis
The remote OT asset is affected by a vulnerability.Description
In the Linux kernel, the following vulnerability has been resolved:net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel- infoleak Fix a KMSAN kernel-infoleak detected by the syzbot .
[net?] KMSAN: kernel-infoleak in __skb_datagram_iter In tcf_ife_dump(), the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nla_put() copies the entire structure into a netlink message, these uninitialized bytes leaked to userspace. Initialize the structure with memset before assigning its fields to ensure all members and padding are cleared prior to beign copied. This change silences the KMSAN report and prevents potential information leaks from the kernel memory. This fix has been tested and validated by syzbot. This patch closes the bug reported at the following syzkaller link and ensures no infoleak.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vendor advisory.See Also
https://cert-portal.siemens.com/productcert/html/ssa-253495.html
https://support.industry.siemens.com/cs/ww/en/view/110002573/
Plugin Details
Severity: Medium
ID: 505395
File Name: tenable_ot_siemens_CVE-2025-40278.nasl
Version: 1.1
Type: Remote
Family: Tenable.ot
Published: 6/18/2026
Updated: 6/18/2026
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v3
Risk Factor: Medium
Base Score: 5.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Information
CPE: cpe:/o:siemens:ruggedcom_rst2428p_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 6/2/2026
Vulnerability Publication Date: 12/6/2025
Reference Information
CVE: CVE-2025-40278
CWE: 20