CVE-2020-25241

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions.

CVSS v3.0 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:siemens:simatic_mv440_sr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_mv440_sr:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:siemens:simatic_mv440_hr_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_mv440_hr:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:siemens:simatic_mv440_ur_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_mv440_ur:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:siemens:simatic_mv420_sr-b_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_mv420_sr-b:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:siemens:simatic_mv420_sr-p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_mv420_sr-p:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:siemens:simatic_mv420_sr-b_body_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_mv420_sr-b_body:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:simatic_mv420_sr-p_body_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_mv420_sr-p_body:-:*:*:*:*:*:*:*

Information

Published : 2021-03-15 10:15

Updated : 2021-03-18 13:04

NVD link : CVE-2020-25241

Mitre link : CVE-2020-25241

JSON object : View

CWE

CWE-1285

Improper Validation of Specified Index, Position, or Offset in Input

CWE-129

Improper Validation of Array Index

Products Affected

siemens

simatic_mv440_hr_firmware
simatic_mv420_sr-p_firmware
simatic_mv440_ur_firmware
simatic_mv420_sr-b_body_firmware
simatic_mv440_sr_firmware
simatic_mv420_sr-p_body_firmware
simatic_mv440_sr
simatic_mv420_sr-p_body
simatic_mv420_sr-b
simatic_mv420_sr-b_body
simatic_mv420_sr-b_firmware
simatic_mv420_sr-p
simatic_mv440_ur
simatic_mv440_hr

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2020-25241

7.5^/10

5.0^/10

Attach tags to `CVE-2020-25241`