Siemens Simatic Pn Mf Coupler vulnerabilities

CVE-2025-40944 [HIGH] CWE-400 CVE-2025-40944: A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) (All versio A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0) (All versions), SIMATIC ET 200MP IM 155-5 PN HF (6ES7155-5AA00-0AC0) (All versions >= V4.2.0), SIMATIC ET 200SP IM 155-6 MF HF (6ES7155-6MU00-0CN0) (All versions), SIMATIC ET 200SP IM 155-6 PN HA (incl. SIPLUS variants) (All versions = V4.2.0), SIMATIC ET 200SP IM

CVE-2025-40820 [HIGH] CWE-940 CVE-2025-40820: Affected products do not properly enforce TCP sequence number validation in specific scenarios but a Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addres

CVE-2022-25622 [HIGH] CWE-400 CVE-2022-25622: The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments.

CVE-2019-19300 [HIGH] CWE-400 CVE-2019-19300: A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, De A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN (6ES7157-1AB00-0AB0), SIMATIC ET 200eco PN, AI 8xRTD/TC, M12-L (6ES7144-6JF00-0BB0), SIMATIC ET 20