Denial-of-Service Vulnerability in AT_NA2000 PLC from Nanda Automation Technology
CVE-2025-56234

Currently unrated

Key Information:

Vendor: Nanda Automation Technology
Status: AT_NA2000
Vendor: CVE Published:; 29 September 2025

🔔 Create Nanda Automation Technology Vulnerability Alert

What is CVE-2025-56234?

The AT_NA2000 PLC from Nanda Automation Technology exhibits a vulnerability in its handling of TCP RST packets. It allows for a wide range of acceptable sequence numbers, deviating from the requirements outlined in RFC5961. As a consequence, attackers can exploit this flaw by sending arbitrary TCP RST packets within the acceptable range. This exploitation can lead to significant interruptions in network connections, resulting in a denial-of-service scenario that disrupts normal operational capabilities.

References

https://github.com/zq-star/TCP-Vuln-Report/blob/master/PL...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 29, 2025
Vulnerability Reserved
Aug 16, 2025

JSON