CVE-2025-40820

HIGH

TCP Sequence Number Validation - DoS

Title source: llm
STIX 2.1

Description

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addresses at precisely timed moments, and it affects only TCP-based services.

References (1)

Core 1

Scores

CVSS v3 7.5
EPSS 0.0010
EPSS Percentile 27.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-940
Status published
Products (50)
Siemens/SIDOOR ATD430W
Siemens/SIDOOR ATE530G COATED
Siemens/SIDOOR ATE530S COATED
Siemens/SIMATIC CFU DIQ < V2.0.0
Siemens/SIMATIC CFU PA < V2.0.0
Siemens/SIMATIC ET 200AL IM 157-1 PN
Siemens/SIMATIC ET 200clean, CM 8x IO-Link
Siemens/SIMATIC ET 200clean, DI 16x24VDC
Siemens/SIMATIC ET 200clean, DIQ 16x24VDC/0,5A
Siemens/SIMATIC ET 200eco PN, AI 8xRTD/TC, M12-L V5.1.1
... and 40 more
Published Dec 09, 2025
Tracked Since Feb 18, 2026