Cyber Resilience

CVE-2022-34819

Critical

Published: 12 July 2022

Modified: 21 November 2024
KEV Added
Patch
CVSS Score (v3.1): 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0126 (79.8th percentile)
Risk Priority: 21 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-34819 is a critical-severity heap-based buffer overflow (CWE-122) vulnerability in Siemens SIMATIC CP 1242-7 V2 firmware. Its CVSS base score is 10.0 (Critical).

Operationally, it ranks in the top 20.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the device.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor | Product | Versions
siemens | simatic cp 1242-7 v2 firmware | all versions
siemens | simatic cp 1243-1 firmware | all versions
siemens | simatic cp 1243-7 lte eu firmware | all versions
siemens | simatic cp 1243-7 lte us firmware | all versions
siemens | simatic cp 1243-8 irc firmware | all versions
siemens | simatic cp 1542sp-1 irc firmware | ≥ 2.0
siemens | simatic cp 1543-1 firmware | ≤ 3.0.22
siemens | simatic cp 1543sp-1 firmware | ≥ 2.0
siemens | siplus et 200sp cp 1542sp-1 irc tx rail firmware | ≥ 2.0
siemens | siplus et 200sp cp 1543sp-1 isec firmware | ≥ 2.0
+5 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.

References