Full Report
SiPass integrated versions before V2.95.3.18 contain an out of bounds read vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition. Siemens has released a new version for SiPass integrated and recommends to update to the latest version.
Analysis Summary
# Vulnerability: Out of Bounds Read in Siemens SiPass integrated leading to DoS
## CVE Details
- CVE ID: CVE-2022-31812
- CVSS Score: 7.5 (CVSS v3.1) / 8.7 (CVSS v4.0) (High/Critical severity based on score)
- CWE: CWE-125: Out-of-bounds Read
## Affected Systems
- Products: SiPass integrated
- Versions: All versions *before* V2.95.3.18
- Configurations: Unauthenticated remote access required.
## Vulnerability Description
The vulnerability resides in affected server applications within SiPass integrated, stemming from an **out of bounds read** condition that occurs during the integrity check of incoming packets. This flaw allows an unauthenticated remote attacker to read past the end of an allocated buffer.
## Exploitation
- Status: Not explicitly stated as exploited in the wild, but the nature of the flaw suggests potential exploitation.
- Complexity: Low (CVSS metrics: AC:L/PR:N/UI:N)
- Attack Vector: Network (AV:N)
## Impact
- Confidentiality: No impact stated (C:N)
- Integrity: No impact stated (I:N)
- Availability: High impact (A:H) – Could lead to a Denial of Service (DoS) condition.
## Remediation
### Patches
- Recommended action is to **Update to SiPass integrated V2.95.3.18 or a later version**.
- Vendor source for update: hxxps://support.industry.siemens.com/cs/ww/en/view/109827049/
### Workarounds
- Follow the Siemens General Security Recommendations (which include protecting network access to affected products with appropriate mechanisms).
## Detection
- Detection methods specific to this vulnerability (e.g., IDS signatures) are not detailed in the summary.
- **Mitigation Focus:** Network segmentation and access control to prevent unauthenticated remote access to vulnerable services.
## References
- Vendor Advisory: SSA-041082
- Siemens ProductCERT Advisories: hxxps://www.siemens.com/cert/advisories