{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-22039","assignerOrgId":"cec7a2ec-15b4-4faf-bd53-b40f371f3a77","state":"PUBLISHED","assignerShortName":"siemens","dateReserved":"2024-01-04T13:24:07.552Z","datePublished":"2024-03-12T10:21:53.634Z","dateUpdated":"2025-12-16T18:13:22.497Z"},"containers":{"cna":{"providerMetadata":{"orgId":"cec7a2ec-15b4-4faf-bd53-b40f371f3a77","shortName":"siemens","dateUpdated":"2024-05-15T07:23:51.702Z"},"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.6602), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions < V3.2.6601), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.2.5015), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions < MP8), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions < MP6 SR3), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions < MP7 SR5), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions < V3.0.6602), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.0.5016), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions < V3.2.6601), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.2.5015), Sinteso Mobile (All versions < V3.0.0). The network communication library in affected systems does not validate the length of certain X.509 certificate attributes which might result in a stack-based buffer overflow.\r\nThis could allow an unauthenticated remote attacker to execute code on the underlying operating system with root privileges."}],"affected":[{"vendor":"Siemens","product":"Cerberus PRO EN Engineering Tool","versions":[{"status":"affected","version":"0","lessThan":"IP8","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Cerberus PRO EN Fire Panel FC72x IP6","versions":[{"status":"affected","version":"0","lessThan":"IP6 SR3","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Cerberus PRO EN Fire Panel FC72x IP7","versions":[{"status":"affected","version":"0","lessThan":"IP7 SR5","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Cerberus PRO EN X200 Cloud Distribution IP7","versions":[{"status":"affected","version":"0","lessThan":"V3.0.6602","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Cerberus PRO EN X200 Cloud Distribution IP8","versions":[{"status":"affected","version":"0","lessThan":"V4.0.5016","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Cerberus PRO EN X300 Cloud Distribution IP7","versions":[{"status":"affected","version":"0","lessThan":"V3.2.6601","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Cerberus PRO EN X300 Cloud Distribution IP8","versions":[{"status":"affected","version":"0","lessThan":"V4.2.5015","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Cerberus PRO UL Compact Panel FC922/924","versions":[{"status":"affected","version":"0","lessThan":"MP4","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Cerberus PRO UL Engineering Tool","versions":[{"status":"affected","version":"0","lessThan":"MP4","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Cerberus PRO UL X300 Cloud Distribution","versions":[{"status":"affected","version":"0","lessThan":"V4.3.0001","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Desigo Fire Safety UL Compact Panel FC2025/2050","versions":[{"status":"affected","version":"0","lessThan":"MP4","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Desigo Fire Safety UL Engineering Tool","versions":[{"status":"affected","version":"0","lessThan":"MP4","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Desigo Fire Safety UL X300 Cloud Distribution","versions":[{"status":"affected","version":"0","lessThan":"V4.3.0001","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Sinteso FS20 EN Engineering Tool","versions":[{"status":"affected","version":"0","lessThan":"MP8","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Sinteso FS20 EN Fire Panel FC20 MP6","versions":[{"status":"affected","version":"0","lessThan":"MP6 SR3","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Sinteso FS20 EN Fire Panel FC20 MP7","versions":[{"status":"affected","version":"0","lessThan":"MP7 SR5","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Sinteso FS20 EN X200 Cloud Distribution MP7","versions":[{"status":"affected","version":"0","lessThan":"V3.0.6602","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Sinteso FS20 EN X200 Cloud Distribution MP8","versions":[{"status":"affected","version":"0","lessThan":"V4.0.5016","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Sinteso FS20 EN X300 Cloud Distribution MP7","versions":[{"status":"affected","version":"0","lessThan":"V3.2.6601","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Sinteso FS20 EN X300 Cloud Distribution MP8","versions":[{"status":"affected","version":"0","lessThan":"V4.2.5015","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"Sinteso Mobile","versions":[{"status":"affected","version":"0","lessThan":"V3.0.0","versionType":"custom"}],"defaultStatus":"unknown"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C","baseScore":10,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-120","description":"CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","type":"CWE"}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-225840.html"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-953710.html"}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-22039","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2024-05-21T04:00:58.192224Z"}}}],"affected":[{"cpes":["cpe:2.3:a:siemens:cerberus_pro_en_engineering_tool:-:*:*:*:*:*:*:*"],"vendor":"siemens","product":"cerberus_pro_en_engineering_tool","versions":[{"status":"affected","version":"-"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:cerberus_pro_en_fire_panel_fc72x:-:*:*:*:*:*:*:*"],"vendor":"siemens","product":"cerberus_pro_en_fire_panel_fc72x","versions":[{"status":"affected","version":"-"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:cerberus_pro_en_x300_cloud_distribution:-:*:*:*:*:*:*:*"],"vendor":"siemens","product":"cerberus_pro_en_x300_cloud_distribution","versions":[{"status":"affected","version":"-"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:cerberus_pro_ul_compact_panel:*:*:*:*:*:*:*:*"],"vendor":"siemens","product":"cerberus_pro_ul_compact_panel","versions":[{"status":"affected","version":"*"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:cerberus_pro_en_x200_cloud_distribution:-:*:*:*:*:*:*:*"],"vendor":"siemens","product":"cerberus_pro_en_x200_cloud_distribution","versions":[{"status":"affected","version":"-"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:cerberus_pro_ul_engineering_tool:*:*:*:*:*:*:*:*"],"vendor":"siemens","product":"cerberus_pro_ul_engineering_tool","versions":[{"status":"affected","version":"*"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:cerberus_pro_ul_x300_cloud:*:*:*:*:*:*:*:*"],"vendor":"siemens","product":"cerberus_pro_ul_x300_cloud","versions":[{"status":"affected","version":"*"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:desigo_fire_safety_ul_compact_panel:*:*:*:*:*:*:*:*"],"vendor":"siemens","product":"desigo_fire_safety_ul_compact_panel","versions":[{"status":"affected","version":"0","lessThan":"mp4","versionType":"custom"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:desigo_fire_safety_ul_engineering_tool:*:*:*:*:*:*:*:*"],"vendor":"siemens","product":"desigo_fire_safety_ul_engineering_tool","versions":[{"status":"affected","version":"0","lessThan":"v4.3.0001","versionType":"custom"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:sinteso_fs20_en_fire_panel_fc20:-:*:*:*:*:*:*:*"],"vendor":"siemens","product":"sinteso_fs20_en_fire_panel_fc20","versions":[{"status":"affected","version":"-"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:sinteso_fs20_en_x200_cloud_distribution:*:*:*:*:*:*:*:*"],"vendor":"siemens","product":"sinteso_fs20_en_x200_cloud_distribution","versions":[{"status":"affected","version":"*"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:sinteso_fs20_en_x300_cloud_distribution:*:*:*:*:*:*:*:*"],"vendor":"siemens","product":"sinteso_fs20_en_x300_cloud_distribution","versions":[{"status":"affected","version":"*"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:siemens:sinteso_mobile:*:*:*:*:*:*:*:*"],"vendor":"siemens","product":"sinteso_mobile","versions":[{"status":"affected","version":"*"}],"defaultStatus":"unknown"}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-12-16T18:13:22.497Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T22:35:34.899Z"},"title":"CVE Program Container","references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-225840.html","tags":["x_transferred"]},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-953710.html","tags":["x_transferred"]}]}]}}