TCP SeQ Validation Flaw Enables Remote DoS in TCP Services
CVE-2025-40820 Published on December 9, 2025
Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only if an attacker can inject IP packets with spoofed addresses at precisely timed moments, and it affects only TCP-based services.
Weakness Type
Improper Verification of Source of a Communication Channel
The software establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin. When an attacker can successfully establish a communication channel from an untrusted origin, the attacker may be able to gain privileges and access unexpected functionality.
Products Associated with CVE-2025-40820
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-40820 are published in Siemens Sinumerik 840d Sl:
Affected Versions
Siemens SIDOOR ATD430W:- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before V2.0.0 is affected.
- Before V2.0.0 is affected.
- Before V2.0.0 is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Version V5.1.1 and below * is affected.
- Version V5.1.1 and below * is affected.
- Version V5.1.1 and below * is affected.
- Version V5.1.1 and below * is affected.
- Version V5.1.1 and below * is affected.
- Version V5.1.1 and below * is affected.
- Version V5.1.1 and below * is affected.
- Version V5.1.1 and below * is affected.
- Version V5.1.1 and below * is affected.
- Version V4.2.0 and below * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before V1.3 is affected.
- Version V4.2.0 and below * is affected.
- Version V4.2.0 and below * is affected.
- Version V4.2.0 and below * is affected.
- Before * is affected.
- Before V6.0.0 is affected.
- Before * is affected.
- Before * is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before V10.2 is affected.
- Before V8.3 is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Version V4.2.0 and below * is affected.
- Version V4.2.0 and below * is affected.
- Version V4.2.0 and below * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Version V4.2.0 and below * is affected.
- Version V4.2.0 and below * is affected.
- Version V4.2.0 and below * is affected.
- Version V4.2.0 and below * is affected.
- Version V4.2.0 and below * is affected.
- Version V4.2.0 and below * is affected.
- Version V4.2.0 and below * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before V6.0.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before V4.4.0 is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
- Before * is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.