SIMATIC MV400 family

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2020-25241	Siemens Foundation SIMATIC S7-400 CPU family		0.00	—	0.00		Mar 15, 2021	A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP…
CVE-2020-27632	Siemens Foundation SIMATIC MV400 family		0.00	—	0.00		Mar 10, 2021	In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions.

CVE-2020-25241Mar 15, 2021
Siemens Foundation
SIMATIC S7-400 CPU family
risk 0.00cvss —epss 0.00
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP…
CVE-2020-27632Mar 10, 2021
Siemens Foundation
SIMATIC MV400 family
risk 0.00cvss —epss 0.00
In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions.