PT-2021-2229 · Siemens · Simatic Mv400

Published: 2021-03-05 · Updated: 2023-10-10 · CVE-2020-27632

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: SIMATIC MV400 family versions prior to v7.0.6

Description: The issue is related to the implementation of the ISN generator in the TI-NDKTCPIP protocol stack, which uses insufficiently random values. This could allow a remote attacker to predict and hijack TCP sessions, potentially gaining unauthorized access to protected information.

Recommendations: For SIMATIC MV400 family versions prior to v7.0.6, update to version v7.0.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected system to minimize the risk of exploitation.

Fix

Use of Insufficiently Random Values

Weakness Enumeration

Related Identifiers

BDU:2021-01174
CVE-2020-27632

Affected Products

Simatic Mv400