Sign-up

ID

VAR-202505-2079


CVE

CVE-2022-31812


TITLE

Siemens'  SiPass integrated  Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-026240

DESCRIPTION

A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Affected server applications contain an out of bounds read past the end of an allocated buffer while checking the integrity of incoming packets. This could allow an unauthenticated remote attacker to create a denial of service condition. Siemens' SiPass integrated Exists in an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2022-31812 // JVNDB: JVNDB-2022-026240

AFFECTED PRODUCTS

vendor:siemensmodel:sipass integratedscope:ltversion:2.95.3.18

Trust: 1.0

vendor:シーメンスmodel:sipass integratedscope:eqversion:2.95.3.18

Trust: 0.8

vendor:シーメンスmodel:sipass integratedscope:eqversion: -

Trust: 0.8

vendor:シーメンスmodel:sipass integratedscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-026240 // NVD: CVE-2022-31812

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2022-31812
value: HIGH

Trust: 1.0

OTHER: JVNDB-2022-026240
value: HIGH

Trust: 0.8

productcert@siemens.com: CVE-2022-31812
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2022-026240
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-026240 // NVD: CVE-2022-31812

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.0

problemtype:Out-of-bounds read (CWE-125) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-026240 // NVD: CVE-2022-31812

EXTERNAL IDS

db:NVDid:CVE-2022-31812

Trust: 2.6

db:SIEMENSid:SSA-041082

Trust: 1.8

db:ICS CERTid:ICSA-25-148-02

Trust: 0.8

db:JVNid:JVNVU92528757

Trust: 0.8

db:JVNDBid:JVNDB-2022-026240

Trust: 0.8

sources: JVNDB: JVNDB-2022-026240 // NVD: CVE-2022-31812

REFERENCES

url:https://cert-portal.siemens.com/productcert/html/ssa-041082.html

Trust: 1.8

url:https://jvn.jp/vu/jvnvu92528757/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-31812

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-25-148-02

Trust: 0.8

sources: JVNDB: JVNDB-2022-026240 // NVD: CVE-2022-31812

SOURCES

db:JVNDBid:JVNDB-2022-026240
db:NVDid:CVE-2022-31812

LAST UPDATE DATE

2025-08-26T22:54:06.175000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2022-026240date:2025-08-25T06:51:00
db:NVDid:CVE-2022-31812date:2025-08-22T19:37:02.577

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2022-026240date:2025-08-25T00:00:00
db:NVDid:CVE-2022-31812date:2025-05-23T15:15:21.437