CVE-2017-12740

Summary

Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software packages downloaded via an unprotected communication channel. This could allow a remote attacker to manipulate the software package while performing a Man-in-the-Middle (MitM) attack.

Affected Software

VendorProductVersion RangeStatus
n/aSiemens LOGO! Soft Comfort (All versions before V8.2)Siemens LOGO! Soft Comfort (All versions before V8.2)affected

Weaknesses

  • CWE-494: CWE-494: Download of Code Without Integrity Check

ADP Enrichment

CVE Program Container

Additional References

References