CVE-2025-40820 | Siemens SIPLUS ET 200SP CPU 1 TCP Sequence Number verification of source (ssa-915282)

December 9, 2025 Yanac

A vulnerability, which was classified as critical, was found in Siemens SIDOOR ATD430W, SIDOOR ATE530G COATED, SIDOOR ATE530S COATED, SIMATIC CFU DIQ, SIMATIC CFU PA, SIMATIC ET 200AL IM 157-1 PN, SIMATIC ET 200clean, CM 8x IO-Link, DI 16x24VDC, DIQ 16x24VDC, 0, 5A, SIMATIC ET 200eco PN, AI 8xRTD, TC, M12-L, CM 4x IO-Link, DI 8x24VDC, 2A, DQ 8x24VDC, SIMATIC ET 200MP IM 155-5 PN HF, SIMATIC ET 200pro IM 154-8 PN, DP CPU, SIMATIC ET 200pro IM 154-8F PN, SIMATIC ET 200pro IM 154-8FX PN, SIMATIC ET 200S IM 151-8 PN, SIMATIC ET 200S IM 151-8F PN, SIMATIC ET 200SP CPU 1510SP F-1 PN, SIMATIC ET 200SP CPU 1510SP-1 PN, SIMATIC ET 200SP CPU 1512SP F-1 PN, SIMATIC ET 200SP CPU 1512SP-1 PN, SIMATIC ET 200SP IM 155-6 MF HF, SIMATIC ET 200SP IM 155-6 PN HA, SIMATIC ET 200SP IM 155-6 PN HF, SIMATIC ET 200SP IM 155-6 PN, 2 HF, 3 HF, SIMATIC PN, MF Coupler, PN Coupler, SIMATIC Power Line Booster PLB, Base Module, Modem Module ST, SIMATIC S7-1200 CPU 1211C AC, DC, Rly, SIMATIC S7-1200 CPU 1211C DC, SIMATIC S7-1200 CPU 1212C AC, SIMATIC S7-1200 CPU 1212C DC, SIMATIC S7-1200 CPU 1212FC DC, SIMATIC S7-1200 CPU 1214C AC, SIMATIC S7-1200 CPU 1214C DC, SIMATIC S7-1200 CPU 1214FC DC, SIMATIC S7-1200 CPU 1215C AC, SIMATIC S7-1200 CPU 1215C DC, SIMATIC S7-1200 CPU 1215FC DC, SIMATIC S7-1200 CPU 1217C DC, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1516-3 PN, DP, SIMATIC S7-1500 CPU 1516F-3 PN, SIMATIC S7-200 SMART CPU CR40, SIMATIC S7-200 SMART CPU CR60, SIMATIC S7-200 SMART CPU SR20, SIMATIC S7-200 SMART CPU SR30, SIMATIC S7-200 SMART CPU SR40, SIMATIC S7-200 SMART CPU SR60, SIMATIC S7-200 SMART CPU ST20, SIMATIC S7-200 SMART CPU ST30, SIMATIC S7-200 SMART CPU ST40, SIMATIC S7-200 SMART CPU ST60, SIMATIC S7-300 CPU 314C-2 PN, SIMATIC S7-300 CPU 315-2 PN, SIMATIC S7-300 CPU 315F-2 PN, SIMATIC S7-300 CPU 315T-3 PN, SIMATIC S7-300 CPU 317-2 PN, SIMATIC S7-300 CPU 317F-2 PN, SIMATIC S7-300 CPU 317T-3 PN, SIMATIC S7-300 CPU 317TF-3 PN, SIMATIC S7-300 CPU 319-3 PN, SIMATIC S7-300 CPU 319F-3 PN, SIMATIC S7-400 CPU 412-2 PN V7, SIMATIC S7-400 CPU 414-3 PN, DP V7, SIMATIC S7-400 CPU 414F-3 PN, SIMATIC S7-400 CPU 416-3 PN, SIMATIC S7-400 CPU 416F-3 PN, SIMATIC S7-400 H V6 CPU family, SIMATIC S7-410 V10 CPU family, SIMATIC S7-410 V8 CPU family, SIMATIC TDC CP51M1, SIMATIC TDC CPU555, SIMOCODE pro V Ethernet, IP and SIMOCODE pro V PROFINET. Impacted is an unknown function of the component TCP Sequence Number Handler. Such manipulation leads to improper verification of source of a communication channel.

This vulnerability is referenced as CVE-2025-40820. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More