Vulnerability Description
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions (UDF) in a password protected way. This protection is implemented in the software that displays the information. An attacker could reverse engineer the UDFs directly from stored program files.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Logo\! 8 Bm Firmware | < 8.3 |
| Siemens | Logo\! 8 Bm | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdfVendor Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdfVendor Advisory
FAQ
What is CVE-2020-25234?
CVE-2020-25234 is a vulnerability with a CVSS score of 7.7 (HIGH). A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected co...
How severe is CVE-2020-25234?
CVE-2020-25234 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-25234?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Logo\! 8 Bm Firmware, Siemens Logo\! 8 Bm.