TopVuln

High-risk vulnerability digests

CVE-2026-22925

  • HIGH

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application is susceptible to resource exhaustion when subjected to a high volume of TCP SYN packets. This could allow an attacker to render the service unavailable and cause denial-of-service conditions by overwhelming system resources.

Details

CVSS v3
7.5
CVSS v4
8.7
Affected versions
All SIMATIC CN 4100 versions < V5.0
Summary
This high-severity denial-of-service vulnerability impacts Siemens SIMATIC CN 4100 devices. An unauthenticated remote attacker can trigger this flaw by sending a high volume of crafted TCP SYN packets to the target system. This attack exhausts available system resources, leading to a denial-of-service condition that renders the service unavailable to legitimate users.
Remediation
Upgrade all affected SIMATIC CN 4100 installations to version V5.0 or newer to remediate this vulnerability. Until patching is completed, restrict access to the device's management interfaces to only trusted networks. Monitor inbound network traffic for unusual spikes in TCP SYN packets to detect potential exploitation attempts.
Exploit info
No public exploit found yet.
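
The Remediation advice to monitor for unusual spikes in TCP SYN packets, sketched as an added example (not code from Siemens, NVD or TopVuln): a sliding-window counter of connection-opening SYNs per destination. The record layout, addresses, window and threshold are assumptions; replace them with your own capture format and traffic baseline.

```python
from collections import defaultdict, deque

WINDOW_S = 10     # sliding window length in seconds (assumed, tune to your baseline)
THRESHOLD = 100   # bare SYNs per window per destination treated as a spike (assumed)

def parse(line):
    """Parse one record of the constructed format: '<epoch> <src> <dst> <dport> <flags>'."""
    ts, src, dst, dport, flags = line.split()
    return float(ts), src, dst, int(dport), flags

def syn_spikes(lines, window=WINDOW_S, threshold=THRESHOLD):
    """Return {(dst, dport): peak_count} for destinations whose bare-SYN count
    inside any sliding window exceeded the threshold. Input must be time-ordered."""
    recent = defaultdict(deque)   # (dst, dport) -> timestamps of recent bare SYNs
    peaks = {}
    for line in lines:
        if not line.strip():
            continue
        ts, _src, dst, dport, flags = parse(line)
        if flags != "S":          # count only connection-opening SYNs, not SYN-ACK or ACK
            continue
        q = recent[(dst, dport)]
        q.append(ts)
        while q and q[0] <= ts - window:   # drop SYNs that left the window
            q.popleft()
        if len(q) > threshold:
            peaks[(dst, dport)] = max(peaks.get((dst, dport), 0), len(q))
    return peaks

def sample_log():
    """Constructed sample: steady background traffic plus a 5-second SYN burst."""
    lines = []
    # Background: one SYN per second to 192.0.2.10:443, each followed by an ACK.
    for t in range(60):
        src = f"198.51.100.{t % 20 + 1}"
        lines.append(f"{1000 + t} {src} 192.0.2.10 443 S")
        lines.append(f"{1000 + t}.5 {src} 192.0.2.10 443 A")
    # Burst: 400 SYNs in 5 s from many sources to 192.0.2.20:443, never followed by an ACK.
    for i in range(400):
        lines.append(f"{1030 + i / 80:.3f} 203.0.113.{i % 250 + 1} 192.0.2.20 443 S")
    return sorted(lines, key=lambda l: float(l.split()[0]))

if __name__ == "__main__":
    for (dst, dport), peak in syn_spikes(sample_log()).items():
        print(f"SYN spike: {dst}:{dport} peak {peak} SYNs in {WINDOW_S}s")
```

Counting per destination rather than per source keeps the check useful when the SYNs arrive from many or spoofed source addresses.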
