OTPulse

Siemens SIMATIC CN 4100

Monitor · CVSS 6.5 · ICS-CERT ICSA-25-191-04 · Jul 8, 2025
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

A vulnerability in SIMATIC CN 4100 (versions before V4.0) allows an attacker with valid network credentials to trigger a denial of service condition, making the device unresponsive. The vulnerability is due to improper input validation (CWE-20). Siemens has released version 4.0, which includes the fix.

What this means
What could happen
An attacker with network access could cause the SIMATIC CN 4100 industrial PC to become unavailable, disrupting critical operations that depend on it for process monitoring, data collection, or control coordination.
Who's at risk
Operations and IT staff at water utilities, electric utilities, and other critical infrastructure facilities that use Siemens SIMATIC CN 4100 industrial PCs for process monitoring, data collection, or SCADA coordination should prioritize this update.
How it could be exploited
An attacker with valid credentials on your network could send a crafted request to the CN 4100 that triggers the denial of service condition, causing the device to become unresponsive. This could affect any system that depends on the CN 4100 for real-time monitoring or coordination.
Prerequisites
  • Network access to the SIMATIC CN 4100 device
  • Valid user credentials (PR:L in the CVSS vector indicates that a low-privilege account is required)
  • Device running firmware version prior to V4.0
Remotely exploitable · Low attack complexity · Requires valid credentials · Affects availability of industrial monitoring/coordination
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
SIMATIC CN 4100 | < V4.0 | 4.0
Remediation & Mitigation
Do now
WORKAROUND: Configure firewall rules to restrict network access to the CN 4100 to only authorized engineering workstations and control system networks
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update SIMATIC CN 4100 to firmware version 4.0 or later
Long-term hardening
HARDENING: Isolate CN 4100 and the network segment it controls from the business network using a firewall or air gap
HARDENING: Implement network segmentation so the CN 4100 is not accessible from the internet
Siemens SIMATIC CN 4100 | CVSS 6.5 - OTPulse