February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Donot APT Group – Active IOCs
March 17, 2024Rewterz Threat Advisory – Multiple Microsoft Products Vulnerabilities
March 18, 2024Rewterz Threat Alert – Donot APT Group – Active IOCs
March 17, 2024Rewterz Threat Advisory – Multiple Microsoft Products Vulnerabilities
March 18, 2024
Severity
High
Analysis Summary
CVE-2024-22041 CVSS:7.5
Siemens Sinteso EN Cerberus PRO EN Fire Protection Systems is vulnerable to a denial of service, caused by an out-of-bounds read flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to crash the network service
CVE-2024-22040 CVSS:7.5
Siemens Sinteso EN Cerberus PRO EN Fire Protection Systems is vulnerable to a denial of service, caused by an out-of-bounds read flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to crash the network service.
CVE-2024-22039 CVSS:10
Siemens Sinteso EN Cerberus PRO EN Fire Protection Systems is vulnerable to a classic buffer overflow, caused by improper bounds checking. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-22044 CVSS:7.5
Siemens SENTRON is vulnerable to a denial of service, caused by containing a hidden functionality. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-22045 CVSS:7.6
Siemens SINEMA Remote Connect Client could allow a remote authenticated attacker to obtain sensitive information, caused by insertion of sensitive information into externally-accessible file or directory. By sending a specially crafted request, a remote attacker could <exploit this vulnerability to obtain sensitive information.
CVE-2022-32257 CVSS:9.8
Siemens SINEMA Remote Connect Server could allow a remote attacker to execute arbitrary code on the system, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to access to resources and potentially lead to code execution.
CVE-2020-23064 CVSS:6.1
Siemens SINEMA Remote Connect Server is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victims Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victims cookie-based authentication credentials.
CVE-2024-21483 CVSS:4.6
Siemens SENTRON 7KM PAC3x20 could allow a local attacker to obtain sensitive information, caused by improper access control. AN attacker could exploit this vulnerability to obtain sensitive information with physical access.
Impact
- Denial of Service
- Gain Access
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2024-22041
- CVE-2024-22040
- CVE-2024-22039
- CVE-2024-22044
- CVE-2024-22045
- CVE-2022-32257
- CVE-2020-23064
- CVE-2024-21483
Affected Vendors
Siemens
Affected Products
- Siemens Sinema Remote Connect Client 3.0
- Siemens Cerberus PRO EN Engineering Tool
- Siemens Cerberus PRO EN Fire Panel FC72x
- Siemens Cerberus PRO EN X200 Cloud Distribution
- Siemens Cerberus PRO EN X300 Cloud Distribution
- Siemens Sinteso FS20 EN Engineering Tool
- Siemens Sinteso FS20 EN Fire Panel FC20
- Siemens Sinteso FS20 EN X200 Cloud Distribution
- Siemens Sinteso Mobile
- Siemens SENTRON 3KC ATC6 Expansion Module Ethernet (3KC9000-8TL75)
- Siemens SINEMA Remote Connect Client
- Siemens SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) 3.2.3
- Siemens SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0) 3.2.3
- Siemens SENTRON 7KM PAC3220 AC/DC (7KM3220-0BA01-1DA0) 3.2.3
- Siemens SENTRON 7KM PAC3220 DC (7KM3220-1BA01-1EA0) 3.2.3
- Siemens Sinteso FS20 EN X300 Cloud Distribution
Remediation
Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.