cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-22041,https://securityvulnerability.io/vulnerability/CVE-2024-22041,Memory Buffer Handling Flaw in Cerberus and Desigo Fire Safety Products by Siemens,"A vulnerability has been detected in the network communication library of specific Siemens fire safety products, such as Cerberus and Desigo. This issue arises from improper handling of memory buffers during the processing of X.509 certificates. An unauthenticated remote attacker could exploit this flaw to cause a disruption in network services, potentially leading to system crashes. Affected versions span multiple product lines and highlight the importance of updating to the latest software releases to mitigate risks.",Siemens,"Cerberus Pro En Engineering Tool,Cerberus Pro En Fire Panel Fc72x Ip6,Cerberus Pro En Fire Panel Fc72x Ip7,Cerberus Pro En Fire Panel Fc72x Ip8,Cerberus Pro En X200 Cloud Distribution Ip7,Cerberus Pro En X200 Cloud Distribution Ip8,Cerberus Pro En X300 Cloud Distribution Ip7,Cerberus Pro En X300 Cloud Distribution Ip8,Cerberus Pro Ul Compact Panel Fc922/924,Cerberus Pro Ul Engineering Tool,Cerberus Pro Ul X300 Cloud Distribution,Desigo Fire Safety Ul Compact Panel Fc2025/2050,Desigo Fire Safety Ul Engineering Tool,Desigo Fire Safety Ul X300 Cloud Distribution,Sinteso Fs20 En Engineering Tool,Sinteso Fs20 En Fire Panel Fc20 Mp6,Sinteso Fs20 En Fire Panel Fc20 Mp7,Sinteso Fs20 En Fire Panel Fc20 Mp8,Sinteso Fs20 En X200 Cloud Distribution Mp7,Sinteso Fs20 En X200 Cloud Distribution Mp8,Sinteso Fs20 En X300 Cloud Distribution Mp7,Sinteso Fs20 En X300 Cloud Distribution Mp8,Sinteso Mobile",7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-03-12T10:21:56.212Z,0
CVE-2024-22040,https://securityvulnerability.io/vulnerability/CVE-2024-22040,Buffer Overread Vulnerability in Cerberus PRO and Desigo Fire Safety Products,"A buffer overread vulnerability has been discovered within the network communication library of various Siemens products, including the Cerberus PRO and Desigo Fire Safety series. The flaw arises from insufficient validation of HMAC values, which can be exploited by unauthenticated remote attackers. By triggering this vulnerability, an attacker could potentially crash the network service, leading to significant operational disruptions. All versions of the affected products must be reviewed and updated to mitigate this risk.",Siemens,"Cerberus Pro En Engineering Tool,Cerberus Pro En Fire Panel Fc72x Ip6,Cerberus Pro En Fire Panel Fc72x Ip7,Cerberus Pro En Fire Panel Fc72x Ip8,Cerberus Pro En X200 Cloud Distribution Ip7,Cerberus Pro En X200 Cloud Distribution Ip8,Cerberus Pro En X300 Cloud Distribution Ip7,Cerberus Pro En X300 Cloud Distribution Ip8,Cerberus Pro Ul Compact Panel Fc922/924,Cerberus Pro Ul Engineering Tool,Cerberus Pro Ul X300 Cloud Distribution,Desigo Fire Safety Ul Compact Panel Fc2025/2050,Desigo Fire Safety Ul Engineering Tool,Desigo Fire Safety Ul X300 Cloud Distribution,Sinteso Fs20 En Engineering Tool,Sinteso Fs20 En Fire Panel Fc20 Mp6,Sinteso Fs20 En Fire Panel Fc20 Mp7,Sinteso Fs20 En Fire Panel Fc20 Mp8,Sinteso Fs20 En X200 Cloud Distribution Mp7,Sinteso Fs20 En X200 Cloud Distribution Mp8,Sinteso Fs20 En X300 Cloud Distribution Mp7,Sinteso Fs20 En X300 Cloud Distribution Mp8,Sinteso Mobile",7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-03-12T10:21:54.934Z,0
CVE-2024-22039,https://securityvulnerability.io/vulnerability/CVE-2024-22039,Buffer Overflow Vulnerability in Cerberus PRO and Desigo Fire Safety Products,"CVE-2024-22039 is a critical vulnerability in Siemens' Sinteso EN and Cerberus PRO EN fire protection systems, with a high CVSS score of 10, indicating its severe impact. The vulnerability allows attackers to execute code with root privileges on the system by exploiting unchecked X.509 certificate attributes, potentially leading to crashes and hindering emergency responses. The affected products include various components within the fire protection systems, such as engineering tools and mobile apps. Siemens has released patches for some of the affected products and provided workaround procedures for others, urging organizations to implement these measures immediately. The exploitation of CVE-2024-22039 poses a significant risk, emphasizing the importance of securing specialized systems like fire protection to mitigate the potential impact on lives and property.",Siemens,"Cerberus Pro En Engineering Tool,Cerberus Pro En Fire Panel Fc72x Ip6,Cerberus Pro En Fire Panel Fc72x Ip7,Cerberus Pro En X200 Cloud Distribution Ip7,Cerberus Pro En X200 Cloud Distribution Ip8,Cerberus Pro En X300 Cloud Distribution Ip7,Cerberus Pro En X300 Cloud Distribution Ip8,Cerberus Pro Ul Compact Panel Fc922/924,Cerberus Pro Ul Engineering Tool,Cerberus Pro Ul X300 Cloud Distribution,Desigo Fire Safety Ul Compact Panel Fc2025/2050,Desigo Fire Safety Ul Engineering Tool,Desigo Fire Safety Ul X300 Cloud Distribution,Sinteso Fs20 En Engineering Tool,Sinteso Fs20 En Fire Panel Fc20 Mp6,Sinteso Fs20 En Fire Panel Fc20 Mp7,Sinteso Fs20 En X200 Cloud Distribution Mp7,Sinteso Fs20 En X200 Cloud Distribution Mp8,Sinteso Fs20 En X300 Cloud Distribution Mp7,Sinteso Fs20 En X300 Cloud Distribution Mp8,Sinteso Mobile",10,CRITICAL,0.0010100000072270632,false,,true,false,false,,false,false,2024-03-12T10:21:53.634Z,0