What is the severity of CVE-2020-25241?

CVE-2020-25241 is rated as a medium severity vulnerability due to the potential for an attacker to disrupt TCP sessions.

How do I fix CVE-2020-25241?

To fix CVE-2020-25241, users should upgrade their SIMATIC MV400 family devices to versions 7.0.6 or higher.

What products are affected by CVE-2020-25241?

CVE-2020-25241 affects all versions of the SIMATIC MV400 family prior to 7.0.6.

What type of attack does CVE-2020-25241 enable?

CVE-2020-25241 enables an attacker to terminate arbitrary TCP sessions using malformed TCP RST packets.

Is CVE-2020-25241 exploitable from a remote location?

Yes, CVE-2020-25241 can be exploited remotely due to the nature of the TCP stack vulnerability.

Vulnerability/
CVE-2020-25241

high

7.5

CWE

129 1285

15/3/2021

4/8/2024

CVE-2020-25241: Out-of-bounds Read

First published: Mon Mar 15 2021(Updated: )

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions.

Credit: productcert@siemens.com

Affected Software	Affected Version	How to fix
Siemens SIMATIC MV440 SR	<7.0.6
Siemens SIMATIC MV440 SR Firmware
Siemens SIMATIC MV440 HR	<7.0.6
Siemens SIMATIC MV440 HR Firmware
Siemens SIMATIC MV440 UR	<7.0.6
Siemens SIMATIC MV440
Siemens SIMATIC MV420 SR-B Body Firmware	<7.0.6
Siemens SIMATIC MV420 SR-B Body Firmware
Siemens Simatic MV420 Firmware	<7.0.6
Siemens Simatic MV420
Siemens Simatic MV420 Firmware	<7.0.6
Siemens SIMATIC MV420 SR-B Body Firmware
Siemens Simatic MV420 Firmware	<7.0.6
Siemens SIMATIC MV420 SR-P

Never miss a vulnerability like this again

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf

Frequently Asked Questions

What is the severity of CVE-2020-25241?
CVE-2020-25241 is rated as a medium severity vulnerability due to the potential for an attacker to disrupt TCP sessions.
How do I fix CVE-2020-25241?
To fix CVE-2020-25241, users should upgrade their SIMATIC MV400 family devices to versions 7.0.6 or higher.
What products are affected by CVE-2020-25241?
CVE-2020-25241 affects all versions of the SIMATIC MV400 family prior to 7.0.6.
What type of attack does CVE-2020-25241 enable?
CVE-2020-25241 enables an attacker to terminate arbitrary TCP sessions using malformed TCP RST packets.
Is CVE-2020-25241 exploitable from a remote location?
Yes, CVE-2020-25241 can be exploited remotely due to the nature of the TCP stack vulnerability.

agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/references
agent/severity
agent/last-modified-date
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/siemens
canonical/siemens simatic mv440 sr
canonical/siemens simatic mv440 sr firmware
canonical/siemens simatic mv440 hr
canonical/siemens simatic mv440 hr firmware
canonical/siemens simatic mv440 ur
canonical/siemens simatic mv440
canonical/siemens simatic mv420 sr-b body firmware
canonical/siemens simatic mv420 firmware
canonical/siemens simatic mv420
canonical/siemens simatic mv420 sr-p

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.