Vulnerability Description
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (V1.81.01 - V1.81.03), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.01), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.02). A buffer overflow vulnerability exists in the Web Server functionality of the device. A remote unauthenticated attacker could send a specially crafted HTTP request to cause a memory corruption, potentially resulting in remote code execution.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Logo\! 8 Bm Firmware | >= 1.81.01, <= 1.81.03 |
| Siemens | Logo\! 8 Bm | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-573753.pdfVendor Advisory
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1069ExploitThird Party Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-573753.pdfVendor Advisory
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1069ExploitThird Party Advisory
FAQ
What is CVE-2020-7593?
CVE-2020-7593 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (V1.81.01 - V1.81.03), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.01), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.02). A buffer ...
How severe is CVE-2020-7593?
CVE-2020-7593 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-7593?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Logo\! 8 Bm Firmware, Siemens Logo\! 8 Bm.