IronMonkey Threat Research

SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices

HIGH
CVSS 7.5
Date 2026-06-09T00:00:00+00:00
Source siemens-productcert
Published by Siemens ProductCERT

// Description

Siemens ET 200 devices contain a denial-of-service vulnerability that could be triggered by sending a valid S7 protocol Disconnect Request (COTP DR TPDU), causing the device to become unresponsive and require a power cycle to recover. Siemens has released new versions for several affected products and recommends updating to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet, available.

// Vulnerabilities (1)

CVE ID CVE-2025-40944
CVSS Score 7.5
Severity high
Description Affected devices do not properly handle S7 protocol session disconnect requests. When receiving a valid S7 protocol Disconnect Request (COTP DR TPDU) on TCP port 102, the devices enter an improper session state. This could allow an attacker to cause the device to become unresponsive, leading to a denial-of-service condition that requires a power cycle to restore normal operation.

// Remediations (13)

Patch: Update to V1.3 or later version
Patch: Update to V4.2.2 or later version
Mitigation: Filter port 102 of the devices to accept only connections to/from the IP addresses of trusted machines, e.g. with an external firewall.
Mitigation: Restrict access to the network where S7 communication messages are exchanged.
Patch: Update to V6.0.0 or later version
Patch: Update to V4.2.5 or later version
Patch: Update to V6.0.1 or later version
Patch: Update to V4.2.2 or later version
Patch: Update to V1.3 or later version
Mitigation: Filter port 102 of the devices to accept only connections to/from the IP addresses of trusted machines, e.g. with an external firewall.
Patch: Update to V6.0.0 or later version
Mitigation: Restrict access to the network where S7 communication messages are exchanged.
Patch: Update to V6.0.1 or later version
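
One way to verify that the port 102 filtering mitigation is actually holding, shown as an added example that is not part of the Siemens advisory: audit flow records for connections to TCP port 102 on device addresses from sources outside the trusted list. The CSV record layout, the IP ranges and the function names are assumptions constructed for this illustration.

```python
import csv
import io
import ipaddress

S7_PORT = 102  # TCP port named in the advisory for S7 communication

# Assumptions (constructed): trusted engineering/HMI hosts and the subnet
# that holds the ET 200 devices. Replace with the site's own values.
TRUSTED_SOURCES = [ipaddress.ip_network(n) for n in ("10.10.1.10/32", "10.10.1.16/30")]
DEVICE_NETS = [ipaddress.ip_network("10.10.20.0/24")]

# Constructed flow records: timestamp,src_ip,dst_ip,dst_port
SAMPLE_FLOWS = """\
2026-06-10T08:00:01Z,10.10.1.10,10.10.20.5,102
2026-06-10T08:00:07Z,10.10.1.17,10.10.20.6,102
2026-06-10T08:01:12Z,10.10.30.44,10.10.20.5,102
2026-06-10T08:01:15Z,10.10.30.44,10.10.20.5,443
2026-06-10T08:02:30Z,192.0.2.77,10.10.20.9,102
2026-06-10T08:03:00Z,10.10.30.44,10.10.40.2,102
not,a,valid,record
"""

def _in_any(addr, nets):
    """True if addr falls inside at least one of the given networks."""
    return any(addr in net for net in nets)

def untrusted_s7_flows(text, trusted=TRUSTED_SOURCES, devices=DEVICE_NETS):
    """Return (findings, skipped): flows to port 102 on a device address from
    a source outside the allowlist, and the number of unparseable rows."""
    findings, skipped = [], 0
    for row in csv.reader(io.StringIO(text)):
        if not row:
            continue
        try:
            ts, src, dst, port = (field.strip() for field in row)
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port = int(port)
        except ValueError:  # wrong field count, bad address or bad port
            skipped += 1
            continue
        if port == S7_PORT and _in_any(dst_ip, devices) and not _in_any(src_ip, trusted):
            findings.append((ts, src, dst))
    return findings, skipped

if __name__ == "__main__":
    hits, bad = untrusted_s7_flows(SAMPLE_FLOWS)
    for ts, src, dst in hits:
        print(f"{ts} untrusted source {src} reached {dst}:{S7_PORT}")
    print(f"{bad} malformed row(s) skipped")
```

Any finding means a source outside the allowlist reached port 102 on a device, so the filter is missing or bypassed on that path. Malformed rows are counted instead of silently dropped so that gaps in the log source stay visible.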

// References