Vulnerabilities > CVE-2022-40225 - Incorrect Conversion between Numeric Types vulnerability in Siemens Siplus TIM 1531 IRC Firmware 2.3.6

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

siemens

CWE-681

NVD

Published: 2022-11-10

Updated: 2024-06-24

Summary

A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices.

Vulnerable Configurations

Part	Description	Count
OS	Siemens Siemens Siplus TIM 1531 IRC Firmware - Siemens Siplus TIM 1531 IRC Firmware 2.3.6	2
Hardware	Siemens Siemens Siplus TIM 1531 IRC -	1

Common Weakness Enumeration (CWE)

CWE-681 - Incorrect Conversion between Numeric Types

References

https://cert-portal.siemens.com/productcert/html/ssa-337522.html