PatchSiren cyber security CVE debrief
CVE-2022-3435 Siemens CVE debrief
CVE-2022-3435 is a medium-severity out-of-bounds read vulnerability in the Linux Kernel's IPv4 Handler, specifically within the fib_nh_match function in net/ipv4/fib_semantics.c. The vulnerability was published on June 11, 2024, with a CVSS 3.1 score of 4.3 (MEDIUM). The issue allows remote attackers to trigger an out-of-bounds read through manipulation of the affected function. Siemens has identified this vulnerability as affecting six industrial communication processor products in their SIMATIC and SIPLUS ET 200SP product lines, which incorporate the vulnerable Linux Kernel component. The affected products are used in industrial automation environments for Ethernet communication in distributed I/O systems. Siemens has released firmware version V2.3 or later to address this vulnerability across all affected product variants.
- Vendor: Siemens
- Product: SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0)
- CVSS: MEDIUM 4.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-06-11
- Original CVE updated: 2024-06-11
- Advisory published: 2024-06-11
- Advisory updated: 2024-06-11
Who should care
Organizations operating Siemens SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, CP 1543SP-1, or SIPLUS ET 200SP communication processors in industrial automation environments. This includes manufacturing facilities, process control industries, and critical infrastructure operators utilizing Siemens distributed I/O systems with Ethernet communication capabilities. Security teams responsible for OT/ICS asset management and patch deployment should prioritize firmware updates during planned maintenance windows.
Technical summary
The vulnerability exists in the fib_nh_match function within net/ipv4/fib_semantics.c of the Linux Kernel IPv4 Handler component. This function is part of the Forwarding Information Base (FIB) next-hop matching logic used in IPv4 routing decisions. An out-of-bounds read condition can be triggered remotely, potentially exposing sensitive information from kernel memory. The CVSS vector indicates a network attack vector with low attack complexity, requiring low privileges but no user interaction. Siemens industrial communication processors running affected Linux Kernel versions incorporate this vulnerable component, so firmware updates are needed to remediate the exposure in operational technology environments.
Defensive priority
medium
Recommended defensive actions
- Apply Siemens firmware update V2.3 or later to affected SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, CP 1543SP-1, and SIPLUS ET 200SP communication processor variants
- Verify current firmware version on affected industrial communication modules and plan maintenance window for update deployment
- Review network segmentation for affected devices to limit remote attack exposure per ICS-CERT recommended practices
- Monitor Siemens ProductCERT portal for additional guidance or updated security advisories related to SSA-625862
Evidence notes
The vulnerability description and affected products are sourced from CISA CSAF advisory ICSA-24-165-10, which references Siemens Security Advisory SSA-625862. The CVE record indicates the underlying issue exists in Linux Kernel's IPv4 routing component (fib_nh_match function). Siemens remediation guidance specifies firmware update to V2.3 or later for all six affected product variants.
Official resources
- CVE-2022-3435 CVE record (CVE.org)
- CVE-2022-3435 NVD detail (NVD)
- Source item URL (cisa_csaf)