CVE-2025-40820

CWE-9403 documents3 sources

Severity

8.7HIGH

EPSS

0.1%

top 67.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

132

Siemens Sidoor Atd430w Siemens Sidoor Ate530g Coated Siemens Sidoor Ate530s Coated +129 more

Timeline

PublishedDec 9

Description

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addresses at precisely timed moments, and it affects only TCP-based services.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages132 packages

▶CVEListV5siemens/siwarex_wp231< *

▶CVEListV5siemens/siwarex_wp241< *

▶CVEListV5siemens/siwarex_wp251< *

▶CVEListV5siemens/sidoor_atd430w< *

▶CVEListV5siemens/simatic_cfu_pa< V2.0.0

🔴Vulnerability Details

CVEList

CVE-2025-40820: Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range↗2025-12-09

▶

GHSA

GHSA-84r6-pwmm-h2fw: Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range↗2025-12-09

▶