Unrated severityNVD Advisory· Published Mar 15, 2021· Updated Aug 4, 2024

CVE-2020-25241

Description

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions.

Affected products

Siemens Foundation/SIMATIC MV400 familyllm-fuzzy
Range: < V7.0.6
Siemens Foundation/SIMATIC S7-400 CPU familycpe-rescue
Range: All Versions < V7.0.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/pdf/ssa-599268.pdfmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000