Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Siemens Subscribe
Filtered by product Logo\! 8 Bm

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-25229 1 Siemens 2 Logo\! 8 Bm, Logo\! 8 Bm Firmware 2022-04-25 5.0 MEDIUM 7.5 HIGH
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The implemented encryption for communication with affected devices is prone to replay attacks due to the usage of a static key. An attacker could change the password or change the configuration on any affected device if using prepared messages that were generated for another device.
CVE-2020-25230 1 Siemens 2 Logo\! 8 Bm, Logo\! 8 Bm Firmware 2020-12-16 5.0 MEDIUM 7.5 HIGH
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device.
CVE-2020-25232 1 Siemens 2 Logo\! 8 Bm, Logo\! 8 Bm Firmware 2020-12-16 5.0 MEDIUM 7.5 HIGH
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port 8080/tcp.
CVE-2020-25234 1 Siemens 2 Logo\! 8 Bm, Logo\! 8 Bm Firmware 2020-12-16 3.6 LOW 7.7 HIGH
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions (UDF) in a password protected way. This protection is implemented in the software that displays the information. An attacker could reverse engineer the UDFs directly from stored program files.
CVE-2020-25235 1 Siemens 2 Logo\! 8 Bm, Logo\! 8 Bm Firmware 2020-12-16 5.0 MEDIUM 7.5 HIGH
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recoverable format. An attacker with access to the network traffic could derive valid logins.