As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
- CVSS v4 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEC Traffic Analyzer
- Vulnerabilities: NULL Pointer Dereference, Use After Free, Uncontrolled Resource Consumption, Execution with Unnecessary Privileges, Exposure of Sensitive Information to an Unauthorized Actor, Irrelevant Code, Channel Accessible by Non-Endpoint
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or gain elevated access and access to sensitive resources.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports the following products are affected:
- Siemens SINEC Traffic Analyzer (6GK8822-1BG01-0BA0): All versions prior to 3.0 (CVE-2024-24989, CVE-2024-24990, CVE-2025-40766, CVE-2025-40767, CVE-2025-40768, CVE-2025-40769)
- Siemens SINEC Traffic Analyzer (6GK8822-1BG01-0BA0): All versions (CVE-2025-40770)
3.2 VULNERABILITY OVERVIEW
3.2.1 NULL POINTER DEREFERENCE CWE-476
When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html. Note: Software versions that have reached End of T
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: