Cerberus/Sinteso X509 Cert Length Stack Buffer Overflow (All < IP8)
CVE-2024-22039 Published on March 12, 2024
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.6602), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions < V3.2.6601), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.2.5015), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions < MP8), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions < MP6 SR3), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions < MP7 SR5), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions < V3.0.6602), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.0.5016), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions < V3.2.6601), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.2.5015), Sinteso Mobile (All versions < V3.0.0). The network communication library in affected systems does not validate the length of certain X.509 certificate attributes which might result in a stack-based buffer overflow. This could allow an unauthenticated remote attacker to execute code on the underlying operating system with root privileges.
Weakness Type
What is a Classic Buffer Overflow Vulnerability?
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow. A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold, or when a program attempts to put data in a memory area outside of the boundaries of a buffer. The simplest type of error, and the most common cause of buffer overflows, is the "classic" case in which the program copies the buffer without restricting how much is copied. Other variants exist, but the existence of a classic overflow strongly suggests that the programmer is not considering even the most basic of security protections.
CVE-2024-22039 has been classified to as a Classic Buffer Overflow vulnerability or weakness.
Products Associated with CVE-2024-22039
Want to know whenever a new CVE is published for Siemens products? stack.watch will email you.
Affected Versions
Siemens Cerberus PRO EN Engineering Tool:- Before IP8 is affected.
- Before IP6 SR3 is affected.
- Before IP7 SR5 is affected.
- Before V3.0.6602 is affected.
- Before V4.0.5016 is affected.
- Before V3.2.6601 is affected.
- Before V4.2.5015 is affected.
- Before MP4 is affected.
- Before MP4 is affected.
- Before V4.3.0001 is affected.
- Before MP4 is affected.
- Before MP4 is affected.
- Before V4.3.0001 is affected.
- Before MP8 is affected.
- Before MP6 SR3 is affected.
- Before MP7 SR5 is affected.
- Before V3.0.6602 is affected.
- Before V4.0.5016 is affected.
- Before V3.2.6601 is affected.
- Before V4.2.5015 is affected.
- Before V3.0.0 is affected.
- Version - is affected.
- Version - is affected.
- Version - is affected.
- Version * is affected.
- Version - is affected.
- Version * is affected.
- Version * is affected.
- Before mp4 is affected.
- Before v4.3.0001 is affected.
- Version - is affected.
- Version * is affected.
- Version * is affected.
- Version * is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.