CVE-2020-25231

Summary

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program files.

Affected Software

VendorProductVersion RangeStatus
SiemensLOGO! 8 BM (incl. SIPLUS variants)All versions < V8.3affected
SiemensLOGO! Soft ComfortAll versions < V8.3affected

Weaknesses

  • CWE-321: CWE-321: Use of Hard-coded Cryptographic Key

ADP Enrichment

CVE Program Container

Additional References

References