ID

VAR-202103-0198


CVE

CVE-2020-25241


TITLE

Array index validation vulnerability in the SIMATIC MV400 family

Trust: 0.8

sources: JVNDB: JVNDB-2020-016315

DESCRIPTION

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packets. An attacker could exploit this to terminate arbitrary TCP sessions. The SIMATIC MV400 family contains a vulnerability related to array index validation. Service operation may be interrupted (DoS). Siemens SIMATIC MV400 is industrial equipment from Germany's Siemens, used for optical identification. An unspecified vulnerability exists in the TCP protocol stack of the Siemens SIMATIC MV400 series.

Trust: 2.16

sources: NVD: CVE-2020-25241 // JVNDB: JVNDB-2020-016315 // CNVD: CNVD-2021-16443

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-16443

AFFECTED PRODUCTS

vendor: siemens, model: simatic mv420 sr-p body, scope: lt, version: 7.0.6

Trust: 1.0

vendor: siemens, model: simatic mv440 ur, scope: lt, version: 7.0.6

Trust: 1.0

vendor: siemens, model: simatic mv420 sr-b, scope: lt, version: 7.0.6

Trust: 1.0

vendor: siemens, model: simatic mv420 sr-b body, scope: lt, version: 7.0.6

Trust: 1.0

vendor: siemens, model: simatic mv420 sr-p, scope: lt, version: 7.0.6

Trust: 1.0

vendor: siemens, model: simatic mv440 sr, scope: lt, version: 7.0.6

Trust: 1.0

vendor: siemens, model: simatic mv440 hr, scope: lt, version: 7.0.6

Trust: 1.0

vendor: シーメンス, model: simatic mv420 sr-p body, scope: -, version: -

Trust: 0.8

vendor: シーメンス, model: simatic mv440 ur, scope: -, version: -

Trust: 0.8

vendor: シーメンス, model: simatic mv440 hr, scope: -, version: -

Trust: 0.8

vendor: シーメンス, model: simatic mv440 sr, scope: -, version: -

Trust: 0.8

vendor: シーメンス, model: simatic mv420 sr-b body, scope: -, version: -

Trust: 0.8

vendor: シーメンス, model: simatic mv420 sr-b, scope: -, version: -

Trust: 0.8

vendor: シーメンス, model: simatic mv420 sr-p, scope: -, version: -

Trust: 0.8

vendor: siemens, model: simatic mv400 family, scope: lt, version: 7.0.6

Trust: 0.6

sources: CNVD: CNVD-2021-16443 // JVNDB: JVNDB-2020-016315 // NVD: CVE-2020-25241

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-25241
value: HIGH

Trust: 1.0

NVD: CVE-2020-25241
value: HIGH

Trust: 0.8

CNVD: CNVD-2021-16443
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202103-685
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-25241
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2021-16443
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-25241
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2020-25241
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-16443 // JVNDB: JVNDB-2020-016315 // CNNVD: CNNVD-202103-685 // NVD: CVE-2020-25241

PROBLEMTYPE DATA

problemtype:CWE-129

Trust: 1.0

problemtype:CWE-1285

Trust: 1.0

problemtype: Improper validation of array indexes (CWE-129) [NVD evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2020-016315 // NVD: CVE-2020-25241

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202103-685

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202103-685

PATCH

title: SSA-599268, url: https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf

Trust: 0.8

title: Siemens SIMATIC MV400 Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=144277

Trust: 0.6

sources: JVNDB: JVNDB-2020-016315 // CNNVD: CNNVD-202103-685

EXTERNAL IDS

db: NVD, id: CVE-2020-25241

Trust: 3.8

db: SIEMENS, id: SSA-599268

Trust: 2.2

db: ICS CERT, id: ICSA-21-068-07

Trust: 1.4

db: JVN, id: JVNVU93441670

Trust: 0.8

db: JVNDB, id: JVNDB-2020-016315

Trust: 0.8

db: CNVD, id: CNVD-2021-16443

Trust: 0.6

db: AUSCERT, id: ESB-2021.0852

Trust: 0.6

db: CNNVD, id: CNNVD-202103-685

Trust: 0.6

sources: CNVD: CNVD-2021-16443 // JVNDB: JVNDB-2020-016315 // CNNVD: CNNVD-202103-685 // NVD: CVE-2020-25241

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf

Trust: 2.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-25241

Trust: 1.4

url:https://jvn.jp/vu/jvnvu93441670/

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-07

Trust: 0.8

url:https://vigilance.fr/vulnerability/siemens-simatic-mv400-two-vulnerabilities-via-tcp-stack-34783

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0852

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-068-07

Trust: 0.6

sources: CNVD: CNVD-2021-16443 // JVNDB: JVNDB-2020-016315 // CNNVD: CNNVD-202103-685 // NVD: CVE-2020-25241

SOURCES

db: CNVD, id: CNVD-2021-16443
db: JVNDB, id: JVNDB-2020-016315
db: CNNVD, id: CNNVD-202103-685
db: NVD, id: CVE-2020-25241

LAST UPDATE DATE

2024-09-13T22:22:40.457000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2021-16443, date: 2021-03-23T00:00:00
db: JVNDB, id: JVNDB-2020-016315, date: 2024-09-12T08:23:00
db: CNNVD, id: CNNVD-202103-685, date: 2021-03-19T00:00:00
db: NVD, id: CVE-2020-25241, date: 2021-03-18T20:04:09.937

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2021-16443, date: 2021-03-11T00:00:00
db: JVNDB, id: JVNDB-2020-016315, date: 2021-11-22T00:00:00
db: CNNVD, id: CNNVD-202103-685, date: 2021-03-09T00:00:00
db: NVD, id: CVE-2020-25241, date: 2021-03-15T17:15:20.097