Filtered by vendor Siemens
Subscriptions
Filtered by product Simatic Cfu Diq
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-40820 | 1 Siemens | 16 Sidoor Atd430w, Sidoor Ate530s Coated, Simatic and 13 more | 2025-12-10 | 7.5 High |
| Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addresses at precisely timed moments, and it affects only TCP-based services. | ||||
| CVE-2022-25622 | 1 Siemens | 23 Simatic Cfu Diq, Simatic Cfu Diq Firmware, Simatic Cfu Pa and 20 more | 2025-04-21 | 5.3 Medium |
| The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments. | ||||
Page 1 of 1.