PT-2020-1259 · Siemens+10 · Simatic Cp 1243-7 Lte Eu+17
Published: 2020-10-16 · Updated: 2025-09-29
CVE-2020-25705
CVSS v3.1: 7.4 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.10
RUGGEDCOM RM1224 versions 5.0 through 6.4
SCALANCE M-800 versions 5.0 through 6.4
SCALANCE S615 versions 5.0 through 6.4
SCALANCE SC-600 versions prior to 2.1.3
SCALANCE W1750D versions 8.3.0.1, 8.6.0, and 8.7.0
SIMATIC Cloud Connect 7 (all versions)
SIMATIC MV500 Family (all versions)
SIMATIC NET CP 1243-1 (incl. SIPLUS variants) versions 3.1.39 and later
SIMATIC NET CP 1243-7 LTE EU version
Description
The issue is related to a flaw in the Linux kernel's handling of ICMP packets, allowing an off-path remote attacker to bypass UDP source port randomization. This could lead to remote information disclosure with no additional execution privileges needed. The vulnerability may be exploited to quickly scan open UDP ports and potentially affect software that relies on UDP source port randomization. It is estimated that millions of users may be vulnerable to this issue.
Recommendations
For Linux kernel versions prior to 5.10, update to version 5.10 or later to resolve the issue.
For RUGGEDCOM RM1224 versions 5.0 through 6.4, consider disabling the vulnerable ICMP packet handling functionality until a patch is available.
For SCALANCE M-800 versions 5.0 through 6.4, restrict access to the affected UDP ports to minimize the risk of exploitation.
For SCALANCE S615 versions 5.0 through 6.4, avoid using the vulnerable `icmp_global_allow` function in icmp.c until the issue is resolved.
For SCALANCE SC-600 versions prior to 2.1.3, update to version 2.1.3 or later to resolve the issue.
For SCALANCE W1750D versions 8.3.0.1, 8.6.0, and 8.7.0, consider applying configuration changes to restrict access to the affected UDP ports.
For SIMATIC Cloud Connect 7, SIMATIC MV500 Family, and SIMATIC NET CP 1243-1 (incl. SIPLUS variants), update to a patched version or consider disabling the vulnerable functionality until a patch is available.
For SIMATIC NET CP 1243-7 LTE EU, update to a version that includes the fix for this issue.
Weakness Enumeration
Use of Insufficiently Random Values
Affected Products
ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
Linux Kernel
RUGGEDCOM RM1224
Red Hat
SCALANCE M-800
SCALANCE S615
SCALANCE SC-600
SCALANCE W1750D
SIMATIC Cloud Connect 7
SIMATIC MV500 Family
SIMATIC NET CP 1243-1
SIMATIC CP 1243-7 LTE EU
SUSE
Ubuntu