38 matches found
EUVD-2019-2635
Malware in sbrugna...
EUVD-2020-17918
Malware in sbrugna...
CVE-2020-25230
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device...
CVE-2020-25228
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...
CVE-2019-10919
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The security vulnerabili...
"Established connection failed because connected host has failed to respond :10005"
Challenge A Windows Agent Backup or Windows Agent Policy type job within Veeam Backup & Replication fails with either of the following errors. A Veeam Agent Backup operating in Managed by backup server fails with the error: Error: Managed session has failed: A connection attempt failed because th...
Siemens LOGO! 8 BM Missing Authentication For Critical Function (CVE-2020-25228)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...
Siemens LOGO! 8 BM Use of Hard-Coded Cryptographic Key (CVE-2020-25233)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. The firmware update of affected devices contains the private RSA key that is used as a basis for encryption of communication with the device. This plugin only works with Tenable.ot. Please visit...
Siemens LOGO! 8 BM Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-25230)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device. This plugin only works with Tenable.ot. Please visi...
Siemens LOGO! 8 BM Improper Handling of Extra Values (CVE-2019-10920)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker wi...
Siemens LOGO! 8 BM Missing Authentication For Critical Function (CVE-2019-10919)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The security vulnerabili...
Siemens LOGO! 8 BM Plaintext Storage of a Password (CVE-2019-10921)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Unencrypted storage of passwords in the project could allow an attacker with access to port 10005/tcp to obtain passwords of the device. The security vulnerability could be exploited by an unauthenticated...
Siemens LOGO! 8 BM Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-25232)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port...
CVE-2020-25230
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device...
CVE-2020-25228
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...
CVE-2020-25230
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device...
Authorization
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...
CVE-2020-25230
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device...
CVE-2020-25228
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...
CVE-2020-25228
CVE-2020-25228 affects Siemens LOGO! 8 BM (incl. SIPLUS variants) with all versions prior to 8.3. The issue is Missing Authentication for Critical Function on a service reachable at port 10005/tcp, enabling an attacker with access to that service to gain full control of the device and access all ...