The vulnerability of the methods used to verify the structure of TCP packets in Siemens LOGO!8 BM and SIPLUS LOGO! programmable logic controllers allows a perpetrator to execute arbitrary code or cause service failures.

The vulnerability of the methods used to check the structure of TCP packets in Siemens LOGO!8 BM and SIPLUS LOGO! programmable logic controllers is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code or...

The vulnerability of microprogrammed software in Siemens LOGO!8 BM and SIPLUS LOGO! controllers arises from incorrect checking of specified indices, positions, or offsets in input data. This allows unauthorized access by attackers to protected information.

The vulnerability of the microprogrammed software of Siemens LOGO!8 BM and SIPLUS LOGO! lies in the improper checking of specified indices, positions, or offsets in input data during TCP packet processing. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protecte...

CVE-2022-36360

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker t...

PT-2022-7651 · Siemens · Logo! 230Rce +7

Name of the Vulnerable Software and Affected Versions: LOGO! 12/24RCE versions 6ED1052-1MD08-0BA1 through 6ED1052-1MD08-0BA2 LOGO! 12/24RCEo versions 6ED1052-2MD08-0BA1 through 6ED1052-2MD08-0BA2 LOGO! 230RCE versions 6ED1052-1FB08-0BA1 through 6ED1052-1FB08-0BA2 LOGO! 230RCEo versions...

Siemens LOGO! 8 BM 安全漏洞

Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. Siemens LOGO! 8 BM suffers from a buffer overflow vulnerability that stems from an inability to properly validate the structure of a TCP packet through a variety of methods. An...

Siemens LOGO! 8 BM 输入验证错误漏洞

A security vulnerability exists in Siemens LOGO! 8 BM, a programming software for industrial environments for the Windows platform from Siemens, Germany, which stems from the fact that certain authentication is not performed when interacting with them. An unauthenticated remote attacker could...

CVE-2020-25233

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. The firmware update of affected devices contains the private RSA key that is used as a basis for encryption of communication with the device...

CVE-2020-25235

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recoverable format. An attacker with access to the network traffic could derive valid logins...

CVE-2020-25234

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions UDF in a password protected way. This...

CVE-2020-25229

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. The implemented encryption for communication with affected devices is prone to replay attacks due to the usage of a static key. An attacker could change the password or change the configuration on any...

CVE-2020-25230

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device...

CVE-2020-25231

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program fil...

CVE-2020-25228

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...

CVE-2020-25232

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port...

Siemens LOGO! 8 BM Static Key Replay Attack Vulnerability

Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. A security vulnerability exists in Siemens LOGO! 8 BM. An attacker could exploit this vulnerability by performing a replay attack to make unauthorized changes to passwords or...

SIEMENS LOGO! 8 BM Critical Functions Missing Certification Vulnerability

SIEMENS LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. A security vulnerability exists in SIEMENS LOGO! 8 BM, which can be exploited by an attacker who has access to specific services to gain unauthorized full access to all services...

Siemens LOGO! 8 BM License Issue Vulnerability

Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. A security vulnerability exists in Siemens LOGO! 8 BM. An attacker could exploit the vulnerability to gain unauthorized full access to all services...

Siemens LOGO! 8 BM 安全漏洞

Siemens LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. A security vulnerability exists in Siemens LOGO! 8 BM. The vulnerability arises from the fact that an attacker accessing network traffic could obtain a valid login, which could ...

Siemens LOGO! 8 BM 访问控制错误漏洞

SIEMENS LOGO! 8 BM is a programming software for industrial environments for the Windows platform from Siemens Germany. A security vulnerability exists in SIEMENS LOGO! 8 BM, which can be exploited by an attacker who has access to specific services to gain unauthorized full access to all services...

CVE-2020-7593

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants V1.81.01 - V1.81.03, LOGO! 8 BM incl. SIPLUS variants V1.82.01, LOGO! 8 BM incl. SIPLUS variants V1.82.02. A buffer overflow vulnerability exists in the Web Server functionality of the device. A remote unauthenticated attacke...