CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
AI Score
Confidence
High
EPSS
Percentile
33.2%
A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.6602), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions < V3.2.6601), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.2.5015), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions < MP8), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions < MP6 SR3), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions < MP7 SR5), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions < V3.0.6602), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.0.5016), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions < V3.2.6601), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.2.5015), Sinteso Mobile (All versions < V3.0.0). The network communication library in affected systems does not validate the length of certain X.509 certificate attributes which might result in a stack-based buffer overflow.
This could allow an unauthenticated remote attacker to execute code on the underlying operating system with root privileges.
Vendor | Product | Version | CPE |
---|---|---|---|
siemens | cerberus_pro_en_engineering_tool | * | cpe:2.3:a:siemens:cerberus_pro_en_engineering_tool:*:*:*:*:*:*:*:* |
siemens | cerberus_pro_en_fire_panel_fc72x | * | cpe:2.3:a:siemens:cerberus_pro_en_fire_panel_fc72x:*:*:*:*:*:*:*:* |
siemens | cerberus_pro_en_x200_cloud_distribution | * | cpe:2.3:a:siemens:cerberus_pro_en_x200_cloud_distribution:*:*:*:*:*:*:*:* |
siemens | cerberus_pro_en_x300_cloud_distribution | * | cpe:2.3:a:siemens:cerberus_pro_en_x300_cloud_distribution:*:*:*:*:*:*:*:* |
siemens | sinteso_fs20_en_engineering_tool | * | cpe:2.3:a:siemens:sinteso_fs20_en_engineering_tool:*:*:*:*:*:*:*:* |
siemens | sinteso_fs20_en_fire_panel_fc20 | * | cpe:2.3:a:siemens:sinteso_fs20_en_fire_panel_fc20:*:*:*:*:*:*:*:* |
siemens | sinteso_fs20_en_x200_cloud_distribution | * | cpe:2.3:a:siemens:sinteso_fs20_en_x200_cloud_distribution:*:*:*:*:*:*:*:* |
siemens | sinteso_fs20_en_x300_cloud_distribution | * | cpe:2.3:a:siemens:sinteso_fs20_en_x300_cloud_distribution:*:*:*:*:*:*:*:* |
siemens | sinteso_mobile | * | cpe:2.3:a:siemens:sinteso_mobile:*:*:*:*:*:*:*:* |
[
{
"vendor": "Siemens",
"product": "Cerberus PRO EN Engineering Tool",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "IP8",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Cerberus PRO EN Fire Panel FC72x IP6",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "IP6 SR3",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Cerberus PRO EN Fire Panel FC72x IP7",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "IP7 SR5",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Cerberus PRO EN X200 Cloud Distribution IP7",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V3.0.6602",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Cerberus PRO EN X200 Cloud Distribution IP8",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V4.0.5016",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Cerberus PRO EN X300 Cloud Distribution IP7",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V3.2.6601",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Cerberus PRO EN X300 Cloud Distribution IP8",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V4.2.5015",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Cerberus PRO UL Compact Panel FC922/924",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "MP4",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Cerberus PRO UL Engineering Tool",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "MP4",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Cerberus PRO UL X300 Cloud Distribution",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V4.3.0001",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Desigo Fire Safety UL Compact Panel FC2025/2050",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "MP4",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Desigo Fire Safety UL Engineering Tool",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "MP4",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Desigo Fire Safety UL X300 Cloud Distribution",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V4.3.0001",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Sinteso FS20 EN Engineering Tool",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "MP8",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Sinteso FS20 EN Fire Panel FC20 MP6",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "MP6 SR3",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Sinteso FS20 EN Fire Panel FC20 MP7",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "MP7 SR5",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Sinteso FS20 EN X200 Cloud Distribution MP7",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V3.0.6602",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Sinteso FS20 EN X200 Cloud Distribution MP8",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V4.0.5016",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Sinteso FS20 EN X300 Cloud Distribution MP7",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V3.2.6601",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Sinteso FS20 EN X300 Cloud Distribution MP8",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V4.2.5015",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "Sinteso Mobile",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V3.0.0",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
AI Score
Confidence
High
EPSS
Percentile
33.2%