CVE-2025-56234

Name of the Vulnerable Software and Affected Versions Nanda Automation Technology AT NA2000 (affected versions not specified)

Description The AT NA2000 Programmable Logic Controller (PLC) exhibits a denial-of-service condition. The device improperly handles TCP RST packets, accepting a broad range of sequence numbers instead of requiring an exact match to the expected sequence value, which is a deviation from RFC5961 standards. This allows attackers to disrupt established connections by sending numerous random TCP RST packets within the acceptable sequence number range, leading to a denial-of-service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.