PatchSiren cyber security CVE debrief
CVE-2022-0778 Siemens CVE debrief
CVE-2022-0778 affects Siemens SCALANCE wireless devices that use OpenSSL during certificate or key parsing. A malformed certificate or private key with invalid explicit elliptic curve parameters can trigger an infinite loop in BN_mod_sqrt(), creating a denial-of-service condition. Siemens’ advisory maps the issue to multiple SCALANCE W7xx/W78x device variants and recommends upgrading to version 6.6.0 or later.
- Vendor
- Siemens
- Product
- SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-04-14
- Original CVE updated
- 2026-04-21
- Advisory published
- 2026-04-14
- Advisory updated
- 2026-04-21
Who should care
OT and industrial network operators using affected Siemens SCALANCE wireless devices; administrators who import, validate, or manage external certificates and keys; and teams responsible for device firmware maintenance in environments that rely on certificate-based access or trust stores.
Technical summary
The underlying flaw is in OpenSSL’s BN_mod_sqrt() handling of non-prime moduli. When certificate parsing reaches code paths for elliptic curve public keys in compressed form or explicit elliptic curve parameters, a crafted certificate or private key can cause the function to loop forever. Because parsing occurs before certificate signature verification, simply presenting a maliciously crafted object to a susceptible parser can be enough to cause a denial-of-service event.
Defensive priority
High. The published CVSS score is 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), and the main operational risk is service hang or parser lockup on externally supplied certificate/key content.
Recommended defensive actions
- Upgrade affected Siemens SCALANCE devices to V6.6.0 or later, as directed by Siemens.
- Inventory SCALANCE models and firmware versions against the affected product list in the advisory before maintenance windows.
- Limit exposure to untrusted certificate and private-key inputs wherever operationally possible, especially in workflows that ingest externally supplied material.
- Validate certificate and key handling paths in OT operations plans so a hang in parsing does not disrupt critical availability or recovery procedures.
Evidence notes
The source corpus links the vulnerability description to the Siemens SCALANCE advisory ICSA-26-111-07 / SSA-019200, which states that affected products run versions earlier than 6.6.0 and that remediation is to update to 6.6.0 or later. The advisory also states the issue can be reached while parsing crafted certificates or private keys containing explicit elliptic curve parameters. CISA’s source item revision history shows publication on 2026-04-14 and a CISA republication on 2026-04-21.
Official resources
-
CVE-2022-0778 CVE record
CVE.org
-
CVE-2022-0778 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Publicly disclosed in CISA CSAF advisory ICSA-26-111-07 on 2026-04-14, with a CISA republication/update recorded on 2026-04-21. The source corpus ties the issue to Siemens ProductCERT advisory SSA-019200.