CVE-2022-31810

7.5 HIGH

📋 TL;DR

A stack-based buffer overflow vulnerability in SiPass integrated server applications allows unauthenticated remote attackers to crash the server by sending specially crafted configuration client login packets. This affects all SiPass integrated versions before V2.90.3.8, creating a denial of service condition.

💻 Affected Systems

Products:
  • SiPass integrated
Versions: All versions < V2.90.3.8
Operating Systems: Not specified in CVE
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the server application component handling configuration client login.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete server crash leading to sustained denial of service, potentially disrupting physical access control systems.

🟠 Likely Case

Server crash requiring manual restart, causing temporary access control system downtime.

🟢 If Mitigated

No impact if patched or properly network-isolated.

🌐 Internet-Facing: HIGH - Unauthenticated remote exploitation possible if exposed to internet.
🏢 Internal Only: MEDIUM - Still exploitable from internal networks but requires network access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The overflow arises in packet size checking, which suggests exploitation is relatively straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V2.90.3.8 or later

Vendor Advisory: https://cert-portal.siemens.com/productcert/pdf/ssa-924149.pdf

Restart Required: Yes

Instructions:

1. Download V2.90.3.8 or later from Siemens support portal.
2. Backup current configuration.
3. Install update following vendor documentation.
4. Restart SiPass integrated services.

🔧 Temporary Workarounds

Network Segmentation

Restrict access to SiPass integrated server to trusted management networks only.

Configure firewall rules to allow only specific IPs/subnets to access SiPass server ports.

Disable Unnecessary Services

Disable configuration client login service if not required.

Consult Siemens documentation for service disable procedures.

🧯 If You Can't Patch

  • Implement strict network access controls to limit exposure
  • Monitor for crash/restart events and implement redundancy if possible

🔍 How to Verify

Check if Vulnerable:

Check SiPass integrated version in administration interface or configuration files.

Check Version:

Check via SiPass administration interface or consult Siemens documentation for version query commands.

Verify Fix Applied:

Confirm version is V2.90.3.8 or later after update.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected server crashes
  • Multiple failed login attempts from single source
  • Abnormal packet size warnings

Network Indicators:

  • Unusual traffic to SiPass configuration port (default 443/TCP)
  • Multiple connection attempts with varying packet sizes

SIEM Query:

(source="sipass" AND (event="crash" OR event="restart")) OR (destination_port=443 AND packet_size>threshold)
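
The SIEM query above, worked as an added Python example (not code from this page or from Siemens): it applies the same two conditions to events and additionally ties each crash/restart to oversized 443/TCP traffic seen shortly before it, which separates a planned restart from one worth investigating. The field names mirror the query; `src_ip`, the 4096-byte threshold, the 60-second window and the sample events are constructed assumptions.

```python
from datetime import datetime, timedelta

# Assumptions, not values from the advisory: tune both for your environment.
PACKET_SIZE_THRESHOLD = 4096               # bytes; stands in for `threshold`
CORRELATION_WINDOW = timedelta(seconds=60)

def is_crash(ev):
    return ev.get("source") == "sipass" and ev.get("event") in ("crash", "restart")

def is_oversized(ev):
    return (ev.get("destination_port") == 443
            and ev.get("packet_size", 0) > PACKET_SIZE_THRESHOLD)

def matches_query(ev):
    """Same two conditions as the SIEM query above."""
    return is_crash(ev) or is_oversized(ev)

def correlate(events):
    """For each crash/restart, list sources of oversized 443/TCP traffic
    seen within CORRELATION_WINDOW before it."""
    events = sorted(events, key=lambda e: e["time"])
    findings = []
    for i, ev in enumerate(events):
        if not is_crash(ev):
            continue
        suspects = sorted({
            prior["src_ip"] for prior in events[:i]
            if is_oversized(prior)
            and ev["time"] - prior["time"] <= CORRELATION_WINDOW
        })
        if suspects:
            findings.append((ev["time"], suspects))
    return findings

# Constructed sample events (documentation IP ranges, made-up timestamps).
T0 = datetime(2022, 1, 1, 12, 0, 0)
SAMPLE_EVENTS = [
    {"time": T0, "source": "firewall", "src_ip": "192.0.2.10",
     "destination_port": 443, "packet_size": 512},
    {"time": T0 + timedelta(seconds=30), "source": "firewall",
     "src_ip": "198.51.100.7", "destination_port": 443, "packet_size": 9000},
    {"time": T0 + timedelta(seconds=35), "source": "sipass", "event": "crash"},
    {"time": T0 + timedelta(minutes=10), "source": "sipass", "event": "restart"},
]

if __name__ == "__main__":
    for when, sources in correlate(SAMPLE_EVENTS):
        print(f"{when.isoformat()} crash/restart after oversized traffic from {sources}")
```

The later restart in the sample still matches the plain query but produces no correlated finding, because no oversized traffic preceded it inside the window.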
