← Volver a CVEs
CVE-2020-25229
HIGH7.5
Descripcion
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The implemented encryption for communication with affected devices is prone to replay attacks due to the usage of a static key. An attacker could change the password or change the configuration on any affected device if using prepared messages that were generated for another device.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado12/14/2020
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
siemens:logo\!_8_bmsiemens:logo\!_8_bm_firmware
Debilidades (CWE)
CWE-321CWE-798
Referencias
https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf(productcert@siemens.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.