CVE-2020-25229
N/A
N/A
Summary
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The implemented encryption for communication with affected devices is prone to replay attacks due to the usage of a static key. An attacker could change the password or change the configuration on any affected device if using prepared messages that were generated for another device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens | LOGO! 8 BM (incl. SIPLUS variants) | All versions < V8.3 | affected |
Weaknesses
- CWE-321: CWE-321: Use of Hard-coded Cryptographic Key
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.