PatchSiren cyber security CVE debrief
CVE-2022-40303 Siemens CVE debrief
CVE-2022-40303 is a high-severity availability issue tied to libxml2 parsing behavior and surfaced by Siemens in its SCALANCE W700 IEEE 802.11ax advisory published on 2025-02-11. The underlying flaw affects libxml2 versions before 2.10.3 when XML_PARSE_HUGE is enabled and a multi-gigabyte XML document is parsed; integer counters can overflow and lead to an invalid array access and a crash. Siemens maps this to 19 SCALANCE WAB/WAM/WUB/WUM product variants and recommends upgrading to V3.0.0 or later.
- Vendor
- Siemens
- Product
- SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-02-11
- Original CVE updated
- 2025-05-06
- Advisory published
- 2025-02-11
- Advisory updated
- 2025-05-06
Who should care
Operators and maintainers of the listed Siemens SCALANCE WAB/WAM/WUB/WUM devices, especially teams that ingest or process XML content on affected systems. OT defenders should prioritize this if the devices are used in environments where uptime matters and vendor firmware upgrades must be scheduled carefully.
Technical summary
The advisory description says libxml2 before 2.10.3 can overflow several integer counters while parsing a multi-gigabyte XML document with XML_PARSE_HUGE enabled. That overflow can drive an attempt to access memory at a negative 2 GB offset, typically resulting in a segmentation fault. In the Siemens CSAF, the issue is associated with 19 SCALANCE product variants and the recommended remediation is to update to V3.0.0 or later. The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) reflects a network-reachable, low-complexity availability impact with no stated confidentiality or integrity impact.
Defensive priority
High for affected Siemens SCALANCE deployments because the documented impact is a crash/segmentation fault and Siemens provides a clear upgrade path. Prioritize based on operational exposure to XML parsing and the criticality of device uptime.
Recommended defensive actions
- Identify whether any of the 19 Siemens SCALANCE product variants in the advisory are deployed in your environment.
- Review whether affected devices or adjacent components parse XML content and whether XML_PARSE_HUGE or similar large-document handling is enabled.
- Plan and test the Siemens remediation: update to V3.0.0 or later as recommended in the advisory.
- Use vendor maintenance windows and rollback planning appropriate for OT/industrial networking equipment.
- Track the Siemens advisory and CISA CSAF for any follow-up revisions or clarifications.
Evidence notes
This debrief is based only on the supplied Siemens/CISA CSAF advisory material and official vulnerability records. The source advisory was published on 2025-02-11 and revised on 2025-05-06 for typo fixes; those dates are used as advisory timing context, not as the original flaw-creation date. The source corpus states the issue is in libxml2 before 2.10.3, affects parsing of multi-gigabyte XML documents with XML_PARSE_HUGE enabled, and can cause a segmentation fault. Siemens lists 19 affected SCALANCE product variants and recommends updating to V3.0.0 or later.
Official resources
-
CVE-2022-40303 CVE record
CVE.org
-
CVE-2022-40303 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Publicly disclosed in the Siemens/CISA advisory published on 2025-02-11 and revised on 2025-05-06 for typo fixes. The advisory maps CVE-2022-40303 to affected Siemens SCALANCE products and recommends updating to V3.0.0 or later.