CVE-2022-31812

A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Affected server applications contain an out of bounds read past the end of an allocated buffer while checking the integrity of incoming packets. This could allow an unauthenticated remote attacker to create a denial of service condition.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-041082.html	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:sipass_integrated:*:*:*:*:*:*:*:*

History

22 Aug 2025, 19:37

Type	Values Removed	Values Added
First Time		Siemens sipass Integrated Siemens
CPE		cpe:2.3:a:siemens:sipass_integrated::::::::
Summary		(es) Se ha identificado una vulnerabilidad en SiPass integrado (todas las versiones anteriores a la V2.95.3.18). Las aplicaciones de servidor afectadas contienen una lectura fuera de los límites que excede el límite de un búfer asignado al comprobar la integridad de los paquetes entrantes. Esto podría permitir que un atacante remoto no autenticado cree una condición de denegación de servicio.
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-041082.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-041082.html - Vendor Advisory

23 May 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-23 15:15

Updated : 2025-08-22 19:37

NVD link : CVE-2022-31812

Mitre link : CVE-2022-31812

CVE.ORG link : CVE-2022-31812

JSON object : View

Products Affected

siemens

sipass_integrated

CWE

CWE-125

Out-of-bounds Read

{"id": "CVE-2022-31812", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "productcert@siemens.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-05-23T15:15:21.437", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-041082.html", "tags": ["Vendor Advisory"], "source": "productcert@siemens.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Affected server applications contain an out of bounds read past the end of an allocated buffer while checking the integrity of incoming packets. This could allow an unauthenticated remote attacker to create a denial of service condition."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SiPass integrado (todas las versiones anteriores a la V2.95.3.18). Las aplicaciones de servidor afectadas contienen una lectura fuera de los l\u00edmites que excede el l\u00edmite de un b\u00fafer asignado al comprobar la integridad de los paquetes entrantes. Esto podr\u00eda permitir que un atacante remoto no autenticado cree una condici\u00f3n de denegaci\u00f3n de servicio."}], "lastModified": "2025-08-22T19:37:02.577", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sipass_integrated:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E815BFF-9A77-4B4D-8159-9D6179C5B9D3", "versionEndExcluding": "2.95.3.18"}], "operator": "OR"}]}], "sourceIdentifier": "productcert@siemens.com"}