Vulnerability Description
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access to this service. The system manual recommends to protect access to this port.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Logo\! 8 Bm Firmware | < 8.3 |
| Siemens | Logo\! 8 Bm | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdfVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdfVendor Advisory
FAQ
What is CVE-2020-25228?
CVE-2020-25228 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all servic...
How severe is CVE-2020-25228?
CVE-2020-25228 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-25228?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Logo\! 8 Bm Firmware, Siemens Logo\! 8 Bm.