{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/packet-forging/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":9.8,"id":"CVE-2025-13926"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["cve-2025-13926","basc-20t","packet-forging","industrial-control-system"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2025-13926 is a critical vulnerability affecting Contemporary Controls BASC 20T. An attacker can exploit this vulnerability by capturing network traffic and forging packets, enabling them to send arbitrary requests to the device. This is achieved by sniffing network traffic, extracting necessary data for packet construction, and then crafting malicious packets to interact with the BASC 20T. The vulnerability has a CVSS v3.1 score of 9.8 and a CVSS v4.0 score of 9.3, highlighting the severity and potential impact. Successful exploitation could lead to unauthorized access, modification of settings, or disruption of operations managed by the BASC 20T. This vulnerability was reported by ICS-CERT and assigned CWE-807, which describes reliance on untrusted inputs in a security decision.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker performs network reconnaissance to identify a vulnerable Contemporary Controls BASC 20T device.\u003c/li\u003e\n\u003cli\u003eAttacker passively sniffs network traffic to and from the BASC 20T device.\u003c/li\u003e\n\u003cli\u003eThe attacker analyzes captured network packets to understand the communication protocol and packet structure used by the BASC 20T.\u003c/li\u003e\n\u003cli\u003eAttacker identifies fields within the packets that can be manipulated to achieve the desired malicious actions.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a forged packet with modified fields to perform an arbitrary request (e.g., changing settings, issuing commands).\u003c/li\u003e\n\u003cli\u003eThe attacker injects the forged packet into the network, targeting the BASC 20T device.\u003c/li\u003e\n\u003cli\u003eThe BASC 20T processes the forged packet without proper validation, executing the attacker\u0026rsquo;s arbitrary request.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized control or access to the BASC 20T, potentially disrupting operations.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2025-13926 allows an attacker to make arbitrary requests to the Contemporary Controls BASC 20T. This could lead to unauthorized modification of device settings, disruption of critical control processes, or potentially complete device compromise. The affected BASC 20T devices are often used in industrial control systems (ICS), so a successful attack could have significant consequences for the targeted organization, including operational downtime, equipment damage, or safety hazards.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor network traffic for unusual patterns or malformed packets originating from or directed to Contemporary Controls BASC 20T devices (network_connection category).\u003c/li\u003e\n\u003cli\u003eImplement network segmentation to limit the blast radius of a potential compromise.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rules provided to detect suspicious network activity related to forged packets targeting BASC 20T devices.\u003c/li\u003e\n\u003cli\u003eContact Contemporary Controls for available patches or mitigations for CVE-2025-13926 (references section).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-09T20:16:23Z","date_published":"2026-04-09T20:16:23Z","id":"/briefs/2026-04-basc-20t-packet-forging/","summary":"CVE-2025-13926 describes a vulnerability in Contemporary Controls BASC 20T that allows an attacker to sniff network traffic and forge packets to make arbitrary requests, potentially leading to unauthorized actions.","title":"Contemporary Controls BASC 20T Packet Forging Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-04-basc-20t-packet-forging/"}],"language":"en","title":"CraftedSignal Threat Feed — Packet-Forging","version":"https://jsonfeed.org/version/1.1"}