PatchSiren cyber security CVE debrief
CVE-2022-31812 Siemens CVE debrief
CVE-2022-31812 is a high-severity availability issue in Siemens SiPass integrated server applications. According to the CISA CSAF advisory published on 2025-05-13, an unauthenticated remote attacker can send crafted network traffic that causes an out-of-bounds read while the application checks packet integrity, which can result in a denial of service. The supplied CVSS vector records no confidentiality or integrity impact, and the supplied enrichment includes no Known Exploited Vulnerabilities listing.
- Vendor: Siemens
- Product: SiPass integrated
- CVSS: 7.5 (High)
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-05-13
- Original CVE updated: 2025-05-13
- Advisory published: 2025-05-13
- Advisory updated: 2025-05-13
Who should care
OT/ICS defenders, Siemens SiPass integrated administrators, SOC teams monitoring exposed access-control or security server applications, and asset owners responsible for availability of identity/access systems.
Technical summary
The source advisory describes an out-of-bounds read past the end of an allocated buffer in affected server applications when they verify the integrity of incoming packets. The check runs on raw inbound traffic, so no credentials or prior session are needed to reach it; a read that runs off the end of the buffer typically faults and terminates the server process, which is the denial of service the advisory describes. The attack vector is network-based and unauthenticated, and the stated impact is denial of service only. The supplied CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, which matches a remote, availability-only disruption: no privileges or user interaction, no confidentiality or integrity loss, high availability impact.
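To make the bug class concrete, here is an added example, not Siemens code: the SiPass wire format is not published in the advisory, so the framing (2-byte length, payload, 1-byte XOR checksum), the field sizes and the function names are assumptions made for illustration. It places an integrity check that trusts the length field carried in the packet beside one that bounds every index by the number of bytes actually received. The sample arena is deliberately larger than the packet so the unchecked read stays inside one allocation and the program runs deterministically; on a real socket buffer the same read runs off the end and faults.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed framing for illustration only (not the SiPass wire format):
 *   [u16 big-endian payload length][payload][u8 XOR checksum over payload]
 */
enum { HDR_LEN = 2, CHK_LEN = 1 };

static uint8_t xor_sum(const uint8_t *p, size_t n) {
    uint8_t s = 0;
    for (size_t i = 0; i < n; i++) s ^= p[i];
    return s;
}

/* The bug class: the length is taken from the packet itself and the number of
 * bytes actually received is never consulted, so a header that claims more
 * payload than arrived makes the loop read past the data. */
int verify_unchecked(const uint8_t *buf, size_t received) {
    (void)received;                                   /* ignored: that is the defect */
    size_t claimed = ((size_t)buf[0] << 8) | buf[1];
    return xor_sum(buf + HDR_LEN, claimed) == buf[HDR_LEN + claimed];
}

/* Hardened form: every index derived from the packet is bounded by `received`
 * before any byte is touched, and the length must match exactly. */
int verify_bounded(const uint8_t *buf, size_t received) {
    if (received < HDR_LEN + CHK_LEN) return 0;       /* too short to hold a header and checksum */
    size_t claimed = ((size_t)buf[0] << 8) | buf[1];
    if (claimed > received - HDR_LEN - CHK_LEN) return 0;  /* checksum byte would lie past the end */
    if (claimed != received - HDR_LEN - CHK_LEN) return 0; /* trailing bytes: also a protocol violation */
    return xor_sum(buf + HDR_LEN, claimed) == buf[HDR_LEN + claimed];
}

/* Constructed sample: the header claims `claimed` payload bytes but the packet
 * only carries the 4-byte payload de ad be ef plus its checksum (0x22). The
 * arena is zero-filled and larger than the packet so an over-read in this
 * demonstration lands on zeros instead of faulting. Returns bytes "received". */
size_t make_sample(uint8_t *arena, size_t arena_len, uint16_t claimed) {
    static const uint8_t payload[] = {0xde, 0xad, 0xbe, 0xef};
    memset(arena, 0, arena_len);
    arena[0] = (uint8_t)(claimed >> 8);
    arena[1] = (uint8_t)(claimed & 0xff);
    memcpy(arena + HDR_LEN, payload, sizeof payload);
    arena[HDR_LEN + sizeof payload] = xor_sum(payload, sizeof payload);
    return HDR_LEN + sizeof payload + CHK_LEN;        /* 7 */
}

/* Run both verifiers on identical input. Keep `claimed` below 60 so the
 * unchecked read stays inside the 64-byte arena in this demonstration. */
int unchecked_verdict(uint16_t claimed) {
    uint8_t arena[64];
    size_t n = make_sample(arena, sizeof arena, claimed);
    return verify_unchecked(arena, n);
}

int bounded_verdict(uint16_t claimed) {
    uint8_t arena[64];
    size_t n = make_sample(arena, sizeof arena, claimed);
    return verify_bounded(arena, n);
}

int main(void) {
    printf("honest header (4):  unchecked=%d bounded=%d\n", unchecked_verdict(4), bounded_verdict(4));
    printf("lying header (40):  unchecked=%d bounded=%d\n", unchecked_verdict(40), bounded_verdict(40));
    return 0;
}
```

With the honest header both verifiers agree. With the lying header the unchecked verifier walks 36 bytes beyond the 7-byte packet and, because the over-read bytes here are zeros, reports the packet as valid; the bounded verifier rejects it before touching the payload. The same unchecked read on a heap or socket buffer is what turns a malformed packet into a crash.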
Defensive priority
High. This is a remotely reachable, unauthenticated denial-of-service condition in a Siemens product used in security/access-control environments, so service availability risk is immediate for exposed deployments.
Recommended defensive actions
- Upgrade Siemens SiPass integrated to V2.95.3.18 or later, as listed in the vendor remediation guidance.
- Identify whether any SiPass integrated server applications are deployed and whether they are reachable from untrusted networks.
- Restrict network exposure to trusted management and operational segments while remediation is being planned.
- Monitor for abnormal packet handling, service crashes, or repeated restarts affecting SiPass integrated servers.
- Use standard ICS defensive practices and defense-in-depth guidance referenced by CISA for segmentation, access control, and monitoring.
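For the monitoring action, here is an added example that is not a SiPass or Siemens tool: the log line format, host names and event names are constructed for the example. It scans service-lifecycle log lines and flags a host whose server crashed at least N times within a sliding time window, the crash/restart loop that a remotely triggered fault leaves behind and that a single "service stopped" alert would miss.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample log in a hypothetical format (not a real SiPass log).
 * Lines are in ascending time order, as a collector would deliver them. */
static const char *const SAMPLE_LOG[] = {
    "2025-05-13T08:00:05Z host=sipass-srv01 event=service_stop reason=crash",
    "2025-05-13T08:00:40Z host=sipass-srv01 event=service_start",
    "2025-05-13T08:03:12Z host=sipass-srv01 event=service_stop reason=crash",
    "2025-05-13T08:03:50Z host=sipass-srv01 event=service_start",
    "2025-05-13T08:07:30Z host=sipass-srv01 event=service_stop reason=crash",
    "2025-05-13T08:08:01Z host=sipass-srv01 event=service_start",
    "2025-05-13T09:15:00Z host=sipass-srv02 event=service_stop reason=crash",
    "2025-05-13T12:00:00Z host=sipass-srv01 event=service_stop reason=operator",
};
static const size_t SAMPLE_LOG_LEN = sizeof SAMPLE_LOG / sizeof SAMPLE_LOG[0];

/* Days since 1970-01-01 for a proleptic Gregorian date (Hinnant's algorithm). */
static long days_from_civil(int y, int m, int d) {
    y -= m <= 2;
    long era = (y >= 0 ? y : y - 399) / 400;
    long yoe = y - era * 400;
    long doy = (153L * (m + (m > 2 ? -3 : 9)) + 2) / 5 + d - 1;
    long doe = yoe * 365 + yoe / 4 - yoe / 100 + doy;
    return era * 146097L + doe - 719468L;
}

/* Parse one line. Returns 1 and fills host/epoch only for crash-stop events;
 * operator-initiated stops and start events are ignored. */
static int parse_crash(const char *line, char *host, size_t host_len, long *epoch) {
    int y, mo, d, h, mi, s;
    char h_buf[64], ev[32];
    if (sscanf(line, "%4d-%2d-%2dT%2d:%2d:%2dZ host=%63s event=%31s",
               &y, &mo, &d, &h, &mi, &s, h_buf, ev) != 8)
        return 0;
    if (strcmp(ev, "service_stop") != 0 || strstr(line, "reason=crash") == NULL)
        return 0;
    snprintf(host, host_len, "%s", h_buf);
    *epoch = days_from_civil(y, mo, d) * 86400L + h * 3600L + mi * 60L + s;
    return 1;
}

/* Returns 1 when `host` logged at least `threshold` crash-stops within any
 * `window_s`-second span. Timestamps are assumed ascending. */
int crash_burst(const char *const *lines, size_t n, const char *host,
                int threshold, long window_s) {
    long ts[128];
    int count = 0;
    for (size_t i = 0; i < n && count < 128; i++) {
        char h[64];
        long t;
        if (parse_crash(lines[i], h, sizeof h, &t) && strcmp(h, host) == 0)
            ts[count++] = t;
    }
    /* Sliding window: for each crash, count earlier crashes still inside the window. */
    for (int end = 0; end < count; end++) {
        int in_window = 0;
        for (int k = end; k >= 0 && ts[end] - ts[k] <= window_s; k--)
            in_window++;
        if (in_window >= threshold)
            return 1;
    }
    return 0;
}

int main(void) {
    const char *hosts[] = {"sipass-srv01", "sipass-srv02"};
    for (size_t i = 0; i < 2; i++)
        printf("%s: %s\n", hosts[i],
               crash_burst(SAMPLE_LOG, SAMPLE_LOG_LEN, hosts[i], 3, 600)
                   ? "ALERT: 3+ crashes within 10 minutes" : "ok");
    return 0;
}
```

On the sample, sipass-srv01 trips the three-in-ten-minutes rule (crashes at 08:00:05, 08:03:12 and 08:07:30) while sipass-srv02, with a single crash, does not; tightening the window to five minutes clears srv01 as well, so the threshold and window should be tuned to the service's normal restart behaviour before the rule is deployed.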
Evidence notes
All material claims are grounded in the supplied CISA CSAF source item and its referenced Siemens remediation notice. The advisory text explicitly states the out-of-bounds read, the packet-integrity check context, the remote unauthenticated attack precondition, and the denial-of-service impact. The remediation entry specifies updating to V2.95.3.18 or later. The timeline fields in the supplied enrichment place publication and modification on 2025-05-13; that date is treated here as the publication context of the CSAF advisory and the enrichment record, not as the original disclosure date of the vulnerability, which the 2022 prefix of the CVE identifier shows was assigned in 2022.
Official resources
- CVE-2022-31812 CVE record (CVE.org)
- CVE-2022-31812 NVD detail (NVD)
- Source item: CISA CSAF advisory (cisa_csaf)
CISA published the CSAF advisory for CVE-2022-31812 on 2025-05-13 (ICSA-25-148-02), with the source record also citing Siemens advisory SSA-041082 and a vendor fix at V2.95.3.18 or later.