PatchSiren cyber security CVE debrief
CVE-2024-22041 Siemens CVE debrief
A memory buffer handling vulnerability in Siemens fire safety systems allows unauthenticated remote attackers to crash network services via malformed X.509 certificate parsing. The flaw resides in the network communication library used by engineering tools across Cerberus PRO UL and Desigo Fire Safety UL product lines. Exploitation requires an on-path attacker position to intercept engineering tool communications within the fire system network. Impact is confined to the engineering tool itself, with no compromise of the underlying operating system. CISA published this advisory on May 14, 2024, with Siemens providing firmware updates as remediation.
- Vendor
- Siemens
- Product
- Cerberus PRO EN Engineering Tool
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-03-12
- Original CVE updated
- 2024-05-14
- Advisory published
- 2024-03-12
- Advisory updated
- 2024-05-14
Who should care
Organizations operating Siemens Cerberus PRO UL or Desigo Fire Safety UL fire protection systems, particularly those with remote or distributed engineering tool deployments. Critical infrastructure operators in facilities management, healthcare, education, and commercial real estate sectors relying on these systems for life safety protection. ICS/OT security teams responsible for fire safety network segmentation and maintenance access controls.
Technical summary
The network communication library in Siemens Cerberus PRO UL and Desigo Fire Safety UL systems fails to properly handle memory buffers during X.509 certificate parsing. An unauthenticated remote attacker can exploit this to crash the network service. The attack requires on-path positioning to intercept engineering tool communications within the fire system network. Successful exploitation impacts only the engineering tool, not the host operating system. Affected products include Cerberus PRO UL Compact Panel FC922/924, Cerberus PRO UL Engineering Tool, Cerberus PRO UL X300 Cloud Distribution, Desigo Fire Safety UL Compact Panel FC2025/2050, Desigo Fire Safety UL Engineering Tool, and Desigo Fire Safety UL X300 Cloud Distribution. Siemens has released firmware updates: MP4 or later for panels and engineering tools, and V4.3.0001 or later for X300 Cloud Distribution components.
Defensive priority
HIGH
Recommended defensive actions
- Apply vendor firmware updates: Cerberus PRO UL Compact Panel FC922/924 and Engineering Tool to MP4 or later; Cerberus PRO UL X300 Cloud Distribution to V4.3.0001 or later
- Apply vendor firmware updates: Desigo Fire Safety UL Compact Panel FC2025/2050 and Engineering Tool to MP4 or later; Desigo Fire Safety UL X300 Cloud Distribution to V4.3.0001 or later
- Segment fire safety system networks to limit engineering tool communication exposure
- Monitor for anomalous X.509 certificate traffic targeting engineering tools
- Implement network access controls restricting engineering tool communications to authorized maintenance windows and source addresses
Evidence notes
CVE published 2024-05-14 per CISA CSAF advisory ICSA-24-137-12. CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C indicates high availability impact with proof-of-concept exploit existence. Attack complexity is low but requires on-path network position. Six Siemens products affected across two product families.
Official resources
-
CVE-2024-22041 CVE record
CVE.org
-
CVE-2024-22041 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-05-14