Multiple vulnerabilities in Siemens Sinteso EN and Cerberus PRO EN Fire Protection Systems
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2024-22040 CVE-2024-22041 |
| CWE-ID | CWE-125 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Cerberus PRO EN Engineering Tool Hardware solutions / Firmware Sinteso FS20 EN Engineering Tool Hardware solutions / Firmware Sinteso Mobile Hardware solutions / Firmware Cerberus PRO EN Fire Panel FC72x Hardware solutions / Firmware Cerberus PRO EN X200 Cloud Distribution Hardware solutions / Firmware Cerberus PRO EN X300 Cloud Distribution Hardware solutions / Firmware Sinteso FS20 EN Fire Panel FC20 Hardware solutions / Firmware Sinteso FS20 EN X200 Cloud Distribution Hardware solutions / Firmware Sinteso FS20 EN X300 Cloud Distribution Hardware solutions / Firmware |
| Vendor | Siemens |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU87491
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22040
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in the network communication library. A remote attacker can trigger an out-of-bounds read error and cause a denial of service condition on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCerberus PRO EN Engineering Tool: All versions
Sinteso FS20 EN Engineering Tool: All versions
Sinteso Mobile: All versions
Cerberus PRO EN Fire Panel FC72x: before IP8 SR4
Cerberus PRO EN X200 Cloud Distribution: before 4.3.5618
Cerberus PRO EN X300 Cloud Distribution: before 4.3.5617
Sinteso FS20 EN Fire Panel FC20: before MP8 SR4
Sinteso FS20 EN X200 Cloud Distribution: before 4.3.5618
Sinteso FS20 EN X300 Cloud Distribution: before 4.3.5617
CPE2.3- cpe:2.3:h:siemens:cerberus_pro_en_engineering_tool:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:sinteso_fs20_en_engineering_tool:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:sinteso_mobile:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:cerberus_pro_en_fire_panel_fc72x:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:cerberus_pro_en_x200_cloud_distribution:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:cerberus_pro_en_x300_cloud_distribution:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:sinteso_fs20_en_fire_panel_fc20:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:sinteso_fs20_en_x200_cloud_distribution:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:sinteso_fs20_en_x300_cloud_distribution:*:*:*:*:*:*:*:
http://cert-portal.siemens.com/productcert/html/ssa-225840.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU87492
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22041
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the network communication library when parsing X.509 certificates. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCerberus PRO EN Engineering Tool: All versions
Sinteso FS20 EN Engineering Tool: All versions
Sinteso Mobile: All versions
Cerberus PRO EN Fire Panel FC72x: before IP8 SR4
Cerberus PRO EN X200 Cloud Distribution: before 4.3.5618
Cerberus PRO EN X300 Cloud Distribution: before 4.3.5617
Sinteso FS20 EN Fire Panel FC20: before MP8 SR4
Sinteso FS20 EN X200 Cloud Distribution: before 4.3.5618
Sinteso FS20 EN X300 Cloud Distribution: before 4.3.5617
CPE2.3- cpe:2.3:h:siemens:cerberus_pro_en_engineering_tool:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:sinteso_fs20_en_engineering_tool:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:sinteso_mobile:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:cerberus_pro_en_fire_panel_fc72x:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:cerberus_pro_en_x200_cloud_distribution:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:cerberus_pro_en_x300_cloud_distribution:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:sinteso_fs20_en_fire_panel_fc20:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:sinteso_fs20_en_x200_cloud_distribution:*:*:*:*:*:*:*:
- cpe:2.3:h:siemens:sinteso_fs20_en_x300_cloud_distribution:*:*:*:*:*:*:*:
http://cert-portal.siemens.com/productcert/html/ssa-225840.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
