all InfoSec news
SSA-225840 V1.0: Vulnerabilities in the Network Communication Stack in Sinteso EN and Cerberus PRO EN Fire Protection Systems
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Several products used in Sinteso EN and Cerberus PRO EN Fire Protection Systems contain buffer overflow vulnerabilities in the network communication stack. Successful exploitation of the vulnerabilities could allow an unauthenticated attacker, who gained access to the fire protection system network, to execute arbitrary code on the affected products (CVE-2024-22039) or create a denial of service condition (CVE-2024-22040, CVE-2024-22041).
Product-specific impact of the individual vulnerabilities is documented in the chapter “Vulnerability Description”.
Siemens has released new versions for several affected …
access attacker buffer buffer overflow buffer overflow vulnerabilities cerberus communication exploitation fire network network communication overflow pro products protection ssa stack system systems unauthenticated vulnerabilities