ICSA-12-305-01  ·  Published 2025-06-06

Siemens SiPass Server Buffer Overflow

CVSS 10.0 CRITICAL

CVEs (1)

Remediations

  • Siemens has provided a software hotfix (http://www.siemens.com/corporate-technology/en/research-areas/siemens-cert-security-advisories.htm) resolving the vulnerability for customers of SiPass integrated MP2.4, MP2.5, and MP2.6.
  • Please contact Siemens customer support (mailto:[email protected]) to acquire this hotfix. Siemens recommends that customers with earlier versions of SiPass integrated upgrade to one of the above-mentioned versions. In addition, perimeter firewalls may be configured to block port 4343/TCP to the SiPass server.
  • The affected software components are implemented under the assumption of running in a protected IT environment. Siemens strongly recommends protecting systems according to common security practices.

Affected Vendors

Siemens

Affected Products (1)

Siemens · SiPass integrated <=MP2.6
