Siemens: >> Sipass Integrated >> 2.65 Security Vulnerabilities
A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow.
This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-07-11
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with network access to the SiPass integrated server to bypass the authentication mechanism and perform administrative operations.
CVSS Score
9.8
EPSS Score
0.028
Published
2017-08-08
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with access to a low-privileged user account to read or write files on the file system of the SiPass integrated server over the network.
CVSS Score
8.1
EPSS Score
0.002
Published
2017-08-08
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker in a Man-in-the-Middle position between the SiPass integrated server and SiPass integrated clients to read or modify the network communication.
CVSS Score
7.4
EPSS Score
0.002
Published
2017-08-08
A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to potentially obtain credentials from the systems.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-08-08
AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data to any memory location and consequently execute arbitrary code via crafted messages, as demonstrated by an arbitrary pointer dereference attack or a buffer overflow attack.
CVSS Score
10.0
EPSS Score
0.354
Published
2012-11-01