23 matches found
EUVD-2024-19642
Malicious code in bioql PyPI...
CVE-2024-22041
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x IP6 All versions, Cerberus PRO EN Fire Panel FC72x IP7 All versions, Cerberus PRO EN Fire Panel FC72x IP8 All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution IP7 All...
CVE-2024-22039
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions IP8, Cerberus PRO EN Fire Panel FC72x IP6 All versions IP6 SR3, Cerberus PRO EN Fire Panel FC72x IP7 All versions IP7 SR5, Cerberus PRO EN X200 Cloud Distribution IP7 All versions V3.0.6602, Cerberus PRO EN X200...
Siemens Desigo Fire Safety UL and Cerberus PRO UL Fire Protection Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
The vulnerability of the network communication library of the software-hardware systems for Siemens Fire Safety products, namely Siemens Cerberus PRO EN, Sinteso EN, and Sinteso Mobile, allows a perpetrator to cause service interruptions.
The vulnerability of the network communication library of the Siemens Cerberus PRO EN, Sinteso EN, and Sinteso Mobile fire safety systems relates to the issue where the operation data escapes from the buffer in memory during the analysis of X.509 certificates. Exploiting this vulnerability could...
The vulnerability of the network communication library of the software-hardware systems for Siemens Fire Safety products, namely Siemens Cerberus PRO EN, Sinteso EN, and Sinteso Mobile, allows a perpetrator to cause service interruptions.
The vulnerability of the network communication libraries of the Siemens Cerberus PRO EN, Sinteso EN, and Sinteso Mobile fire safety systems relates to reading data outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the software-hardware components of the fire safety systems Cerberus PRO EN and Sinteso EN lies in the copying to a buffer without checking the size of the input data. This allows an intruder to execute arbitrary code on the basic operating system with root privileges.
The vulnerability of the software-hardware components of the fire safety systems Cerberus PRO EN and Sinteso EN lies in the copying of input data into memory without checking its size. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code in the bas...
Siemens Sinteso EN and Cerberus PRO EN Fire Protection Systems Out-of-Bounds Read Vulnerability
Cerberus PRO EN is a fire protection system consisting of fire panels, detection and management stations. It is available to Siemens partners and complies with the European standard EN 54 for fire detection and alarm systems. Sinteso EN is a fire protection system consisting of fire panels,...
Siemens Sinteso EN and Cerberus PRO EN Fire Protection Systems Stack Buffer Overflow Vulnerability
Cerberus PRO EN is a fire protection system consisting of fire panels, detection and management stations. It is available to Siemens partners and complies with the European standard EN 54 for fire detection and alarm systems. Sinteso EN is a fire protection system consisting of fire panels,...
Siemens Sinteso EN and Cerberus PRO EN Fire Protection Systems Buffer Overflow Vulnerability
Cerberus PRO EN is a fire protection system consisting of fire panels, detection and management stations. It is available to Siemens partners and complies with the European standard EN 54 for fire detection and alarm systems. Sinteso EN is a fire protection system consisting of fire panels,...
Design/Logic Flaw
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution All versions V4.3.5618, Cerberus PRO EN X300 Cloud Distribution All versions V4.3.5617, Sinteso FS20 EN Engineering...
Design/Logic Flaw
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution All versions V4.3.5618, Cerberus PRO EN X300 Cloud Distribution All versions V4.3.5617, Sinteso FS20 EN Engineering...
CVE-2024-22041
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x IP6 All versions, Cerberus PRO EN Fire Panel FC72x IP7 All versions, Cerberus PRO EN Fire Panel FC72x IP8 All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution IP7 All...
CVE-2024-22041
CVE-2024-22041 pertains to the network communication library in Siemens Cerberus PRO EN and Sinteso/Sinteso Mobile/product ecosystems, which improperly handles memory buffers when parsing X.509 certificates. This leads to an unauthenticated remote attacker potentially crashing the affected networ...
CVE-2024-22040
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x IP6 All versions, Cerberus PRO EN Fire Panel FC72x IP7 All versions, Cerberus PRO EN Fire Panel FC72x IP8 All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution IP7 All...
CVE-2024-22040
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x IP6 All versions, Cerberus PRO EN Fire Panel FC72x IP7 All versions, Cerberus PRO EN Fire Panel FC72x IP8 All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution IP7 All...
CVE-2024-22040
Siemens CVE-2024-22040 involves a buffer overread in the network communication library due to insufficient validation of HMAC values. The flaw can allow an unauthenticated remote attacker to crash the affected network service. Affected products span Cerberus PRO EN Engineering Tool, Cerberus PRO ...
CVE-2024-22039
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions IP8, Cerberus PRO EN Fire Panel FC72x IP6 All versions IP6 SR3, Cerberus PRO EN Fire Panel FC72x IP7 All versions IP7 SR5, Cerberus PRO EN X200 Cloud Distribution IP7 All versions V3.0.6602, Cerberus PRO EN X200...
CVE-2024-22039
CVE-2024-22039 is a critical network-exposed vulnerability in Siemens Cerberus PRO EN/Sinteso EN and Desigo Fire Safety UL/FS products, caused by a stack-based buffer overflow in the network communication library due to unchecked lengths of certain X.509 certificate attributes. Impact: unauthenti...
Siemens 多款产品缓冲区错误漏洞
Cerberus PRO EN is a fire protection system consisting of fire panels, detection and management stations. It is available to Siemens partners and complies with the European standard EN 54 for fire detection and alarm systems. Sinteso EN is a fire protection system consisting of fire panels,...