Siemens Simatic Cfu Pa vulnerabilities

CVE-2025-40820 [HIGH] CWE-940 CVE-2025-40820: Affected products do not properly enforce TCP sequence number validation in specific scenarios but a Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addres

CVE-2024-23814 [MEDIUM] CWE-400 CVE-2024-23814: The integrated ICMP service of the network stack of affected devices can be forced to exhaust its a The integrated ICMP service of the network stack of affected devices can be forced to exhaust its available memory resources when receiving specially crafted messages targeting IP fragment re-assembly. This could allow an unauthenticated remote attacker to cause a temporary denial of service condition of the ICMP service, other communication service

CVE-2022-25622 [MEDIUM] CWE-400 CVE-2022-25622: The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.

CVE-2020-28400 [HIGH] CWE-770 CVE-2020-28400: Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.

CVE-2019-10936 [HIGH] CWE-400 CVE-2019-10936: Affected devices improperly handle large amounts of specially crafted UDP packets. This could all Affected devices improperly handle large amounts of specially crafted UDP packets. This could allow an unauthenticated remote attacker to trigger a denial of service condition.