CVE-2024-22040 Information
Description
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions) Cerberus PRO EN Fire Panel FC72x (All versions < IP8 SR4) Cerberus PRO EN X200 Cloud Distribution (All versions < V4.3.5618) Cerberus PRO EN X300 Cloud Distribution (All versions < V4.3.5617) Sinteso FS20 EN Engineering Tool (All versions) Sinteso FS20 EN Fire Panel FC20 (All versions < MP8 SR4) Sinteso FS20 EN X200 Cloud Distribution (All versions < V4.3.5618) Sinteso FS20 EN X300 Cloud Distribution (All versions < V4.3.5617) Sinteso Mobile (All versions). The network communication library in affected systems insufficiently validates HMAC values which might result in a buffer overread. This could allow an unauthenticated remote attacker to crash the network service.
Reference
https://cert-portal.siemens.com/productcert/html/ssa-225840.html
Share on: