all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SSA-225840 V1.0: Vulnerabilities in the Network Communication Stack in Sinteso EN and Cerberus PRO EN Fire Protection Systems

Add to bookmarks
March 12, 2024, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com

Several products used in Sinteso EN and Cerberus PRO EN Fire Protection Systems contain buffer overflow vulnerabilities in the network communication stack. Successful exploitation of the vulnerabilities could allow an unauthenticated attacker, who gained access to the fire protection system network, to execute arbitrary code on the affected products (CVE-2024-22039) or create a denial of service condition (CVE-2024-22040, CVE-2024-22041).


Product-specific impact of the individual vulnerabilities is documented in the chapter “Vulnerability Description”.


Siemens has released new versions for several affected …

access attacker buffer buffer overflow buffer overflow vulnerabilities cerberus communication exploitation fire network network communication overflow pro products protection ssa stack system systems unauthenticated vulnerabilities

Visit resource

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-750274 V1.0: Impact of CVE-2024-3400 on RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual … 2 weeks, 2 days ago | cert-portal.siemens.com
addresses advisory alto countermeasures +22
SSA-222019 V1.0: X_T File Parsing Vulnerabilities in Parasolid 3 weeks, 5 days ago | cert-portal.siemens.com
application applications attacker code +12
SSA-885980 V1.0: Multiple Vulnerabilities in Scalance W1750D 3 weeks, 5 days ago | cert-portal.siemens.com
attacker buffer buffer overflow code +16
SSA-822518 V1.0: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 … 3 weeks, 5 days ago | cert-portal.siemens.com
advisory alto countermeasures customers +18
SSA-455250 V1.0: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 devices 3 weeks, 5 days ago | cert-portal.siemens.com
advisory alto countermeasures customers +18
SSA-265688 V1.0: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 3 weeks, 5 days ago | cert-portal.siemens.com
countermeasures fix fixes gnu +7
SSA-730482 V1.0: Denial of Service Vulnerability in SIMATIC WinCC 3 weeks, 5 days ago | cert-portal.siemens.com
attacker box denial of service dialog +14
SSA-556635 V1.0: Multiple Vulnerabilities in Telecontrol Server Basic before V3.1.2.0 3 weeks, 5 days ago | cert-portal.siemens.com
1.2.0 basic fixes server +4
SSA-128433 V1.0: Multiple Vulnerabilities in SINEC NMS before V2.0 SP2 3 weeks, 5 days ago | cert-portal.siemens.com
latest nms siemens sinec +4

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Technical Senior Manager, SecOps | Remote US

@ Coalfire | United States
View on infosec-jobs.com

Global Cybersecurity Governance Analyst

@ UL Solutions | United States
View on infosec-jobs.com

Security Engineer II, AWS Offensive Security

@ Amazon.com | US, WA, Virtual Location - Washington
View on infosec-jobs.com

Senior Cyber Threat Intelligence Analyst

@ Sainsbury's | Coventry, West Midlands, United Kingdom
View on infosec-jobs.com

Embedded Global Intelligence and Threat Monitoring Analyst

@ Sibylline Ltd | Austin, Texas, United States
View on infosec-jobs.com

Senior Security Engineer

@ Curai Health | Remote
View on infosec-jobs.com
View more jobs