Siemens SiPass Integrated

🗓️ 11 Jul 2023 00:00:00Reported by Industrial Control Systems Cyber Emergency Response TeamType

ics🔗 www.cisa.gov👁 25 Views

Siemens SiPass Integrated vulnerability in Improper Input Validation could lead to denial-of-service condition. Update to V2.90.3.8 and follow security best practices

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of SiPass integrated software for security and access control systems arises from operations that go beyond the buffer in memory, allowing attackers to cause system failures.	10 Oct 202300:00	–	bdu_fstec
Circl	CVE-2022-31810	11 Jul 202314:29	–	circl
CNNVD	Siemens SiPass Integrated 缓冲区错误漏洞	11 Jul 202300:00	–	cnnvd
CNVD	Siemens SiPass Integrated Stack Overflow Vulnerability	12 Jul 202300:00	–	cnvd
CVE	CVE-2022-31810	11 Jul 202309:07	–	cve
Cvelist	CVE-2022-31810	11 Jul 202309:07	–	cvelist
EUVD	EUVD-2022-53197	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Siemens products	11 Jul 202300:00	–	ncsc
NVD	CVE-2022-31810	11 Jul 202310:15	–	nvd
Prion	Stack overflow	11 Jul 202310:15	–	prion

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/csaf/ssa-924149.json
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-924149.html
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-924149.pdf
cert-portal	www.cert-portal.siemens.com/productcert/txt/ssa-924149.txt
raw	www.raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-194-02.json
cisa	www.cisa.gov/news-events/ics-advisories/icsa-23-194-02
cisa	www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01
cisa	www.cisa.gov/resources-tools/resources/ics-recommended-practices
cisa	www.cisa.gov/topics/industrial-control-systems
us-cert	www.us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf

11 Jul 2023 00:00Current

7.8High risk

Vulners AI Score7.8

CVSS 3.17.5

EPSS0.00537

SSVC