Input validation error in SIMATIC MV400

#VU51379 Input validation error in SIMATIC MV400

Published: 2021-03-10

Vulnerability identifier: #VU51379

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-25241

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
SIMATIC MV400
Hardware solutions / Security hardware applicances

Vendor:

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

External links
http://ics-cert.us-cert.gov/advisories/icsa-21-068-07

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Siemens SIMATIC MV400