CVE-2021-37186
MEDIUMSiemens LOGO! CMR2020/CMR2040 < 2.2 & SIMATIC RTU3010C/RTU3030C/RTU3031C/RTU3041C < 4.0.9 - Predictable TCP ISN
Title source: llmDescription
A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versions < V4.0.9), SIMATIC RTU3030C (All versions < V4.0.9), SIMATIC RTU3031C (All versions < V4.0.9), SIMATIC RTU3041C (All versions < V4.0.9). The underlying TCP/IP stack does not properly calculate the random numbers used as ISN (Initial Sequence Numbers). An adjacent attacker with network access to the LAN interface could interfere with traffic, spoof the connection and gain access to sensitive information.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://cert-portal.siemens.com/productcert/pdf/ssa-316383.pdf
Scores
CVSS v3
5.4
EPSS
0.0034
EPSS Percentile
26.1%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-330
Status
published
Products (6)
siemens/logo\!_cmr2020_firmware
< 2.2
siemens/logo\!_cmr2040_firmware
< 2.2
siemens/simatic_rtu3010c_firmware
< 4.0.9
siemens/simatic_rtu3030c_firmware
< 4.0.9
siemens/simatic_rtu3031c_firmware
< 4.0.9
siemens/simatic_rtu3041c_firmware
< 4.0.9
Published
Sep 14, 2021
Tracked Since
Feb 18, 2026