CVE-2022-31812

HIGH

Siemens Sipass Integrated < 2.95.3.18 - Out-of-Bounds Read

Title source: rule

Description

A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Affected server applications contain an out of bounds read past the end of an allocated buffer while checking the integrity of incoming packets. This could allow an unauthenticated remote attacker to create a denial of service condition.

References (1)

Core 1

Core References

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-041082.html

Scores

CVSS v3 7.5

EPSS 0.0040

EPSS Percentile 60.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-125

Status published

Products (1)

siemens/sipass_integrated < 2.95.3.18

Published May 23, 2025

Tracked Since Feb 18, 2026