Publication Date:
Last Update:
Current Version: V1.1
CVSS v3.1 Base Score: 10.0
CVSS v4.0 Base Score: 10.0
Affected Product and Versions Remediation

All versions < IP8
affected by CVE-2024-22039
Update to IP8 or later version

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is available

All versions < IP6 SR3
affected by CVE-2024-22039
Update to IP6 SR3 or later version

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is planned

All versions < IP7 SR5
affected by CVE-2024-22039
Update to IP7 SR5 or later version

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is planned

All versions < IP8 SR4
affected by CVE-2024-22040, CVE-2024-22041
Update to IP8 SR4 or later version

All versions < V3.0.6602
affected by CVE-2024-22039
Update to V3.0.6602 or later version

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is planned

All versions < V4.0.5016
affected by CVE-2024-22039
Update to V4.0.5016 or later version

All versions < V4.3.5618
affected by CVE-2024-22040, CVE-2024-22041
Update to V4.3.5618 or later version

All versions < V3.2.6601
affected by CVE-2024-22039
Update to V3.2.6601 or later version

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is planned

All versions < V4.2.5015
affected by CVE-2024-22039
Update to V4.2.5015 or later version

All versions < V4.3.5617
affected by CVE-2024-22040, CVE-2024-22041
Update to V4.3.5617 or later version

All versions < MP8
affected by CVE-2024-22039
Update to MP8 or later version

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is available

All versions < MP6 SR3
affected by CVE-2024-22039
Update to MP6 SR3 or later version

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is planned

All versions < MP7 SR5
affected by CVE-2024-22039
Update to MP7 SR5 or later version

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is planned

All versions < MP8 SR4
affected by CVE-2024-22040, CVE-2024-22041
Update to MP8 SR4 or later version

All versions < V3.0.6602
affected by CVE-2024-22039
Update to V3.0.6602 or later version

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is planned

All versions < V4.0.5016
affected by CVE-2024-22039
Update to V4.0.5016 or later version

All versions < V4.3.5618
affected by CVE-2024-22040, CVE-2024-22041
Update to V4.3.5618 or later version

All versions < V3.2.6601
affected by CVE-2024-22039
Update to V3.2.6601 or later version

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is planned

All versions < V4.2.5015
affected by CVE-2024-22039
Update to V4.2.5015 or later version

All versions < V4.3.5617
affected by CVE-2024-22040, CVE-2024-22041
Update to V4.3.5617 or later version

All versions < V3.0.0
affected by CVE-2024-22039

All versions
affected by CVE-2024-22040, CVE-2024-22041
Currently no fix is planned

Product-specific remediations or mitigations can be found in the section Affected Products and Solution.
Please follow the General Security Recommendations.

As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.

Un-/Collapse All

This chapter describes all vulnerabilities (CVE-IDs) addressed in this security advisory. Wherever applicable, it also documents the product-specific impact of the individual vulnerabilities.

CVSS v3.1 Base Score 10.0
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
CVSS v4.0 Base Score 10.0
CVSS v4.0 Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
CWE CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

For the following products, the impact of the vulnerability is different.


CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H (9.0)
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H (9.0)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H (9.0)
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H (9.0)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H (8.1)
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N (7.7)
CVSS v3.1 Base Score 7.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CVSS v4.0 Base Score 8.7
CVSS v4.0 Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CWE CWE-125: Out-of-bounds Read

For the following products, the impact of the vulnerability is different.


CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H (5.9)
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N (6.0)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H (5.9)
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N (6.0)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H (5.9)
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N (6.0)
CVSS v3.1 Base Score 7.5
CVSS v3.1 Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CVSS v4.0 Base Score 8.7
CVSS v4.0 Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
CWE CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

For the following products, the impact of the vulnerability is different.


CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H (5.9)
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N (6.0)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H (5.9)
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N (6.0)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H (5.9)
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N (6.0)

https://www.siemens.com/cert/advisories
V1.0 (2024-03-12): Publication Date
V1.1 (2024-05-14): Added fix information for CVE-2024-22039 in version lines before MP8/IP8 for: Sinteso FS20 EN Fire Panel FC20 (MP7, MP6), Sinteso FS20 EN X200/X300 Cloud Distribution (MP7), Cerberus PRO EN Fire Panel FC72x (IP7, IP6), and Cerberus PRO EN X200/X300 Cloud Distribution (IP7)