Skip to main content

Simatic Cn 4100

2 CVEs product

Monthly

CVE-2026-22925 HIGH CISA Act Now

Siemens SIMATIC CN 4100 versions prior to V5.0 can be rendered unavailable through TCP SYN flood attacks, allowing remote unauthenticated attackers to exhaust system resources and cause complete service disruption. The CVSS 4.0 score of 8.7 reflects the high availability impact (VA:H) combined with network-accessible attack vector requiring no privileges or user interaction. No active exploitation (CISA KEV) or public exploit code has been identified at time of analysis, though SYN flood techniques are well-documented and trivial to execute.

Denial Of Service Simatic Cn 4100
NVD
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-22924 HIGH CISA Act Now

Remote unauthenticated attackers can exhaust resources and bypass authentication controls in Siemens SIMATIC CN 4100 versions before V5.0, enabling denial of service conditions and unauthorized actions that compromise system availability and integrity. The vulnerability stems from improper connection validation (CWE-306), allowing network-based exploitation without any user interaction or privileges. Siemens has released V5.0 to address this flaw, documented in security advisory SSA-032379.

Authentication Bypass Denial Of Service Simatic Cn 4100
NVD
CVSS 4.0
8.8
EPSS
0.0%
EPSS 0% CVSS 8.7
HIGH Act Now

Siemens SIMATIC CN 4100 versions prior to V5.0 can be rendered unavailable through TCP SYN flood attacks, allowing remote unauthenticated attackers to exhaust system resources and cause complete service disruption. The CVSS 4.0 score of 8.7 reflects the high availability impact (VA:H) combined with network-accessible attack vector requiring no privileges or user interaction. No active exploitation (CISA KEV) or public exploit code has been identified at time of analysis, though SYN flood techniques are well-documented and trivial to execute.

Denial Of Service Simatic Cn 4100
NVD
EPSS 0% CVSS 8.8
HIGH Act Now

Remote unauthenticated attackers can exhaust resources and bypass authentication controls in Siemens SIMATIC CN 4100 versions before V5.0, enabling denial of service conditions and unauthorized actions that compromise system availability and integrity. The vulnerability stems from improper connection validation (CWE-306), allowing network-based exploitation without any user interaction or privileges. Siemens has released V5.0 to address this flaw, documented in security advisory SSA-032379.

Authentication Bypass Denial Of Service Simatic Cn 4100
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy