Erwan Cordier

Name of the Vulnerable Software and Affected Versions: LOGO! 12/24RCE versions all LOGO! 12/24RCEo versions all LOGO! 230RCE versions all LOGO! 230RCEo versions all LOGO! 24CE versions all LOGO! 24CEo versions all LOGO! 24RCE versions all LOGO! 24RCEo versions all SIPLUS LOGO! 12/24RCE versions all SIPLUS LOGO! 12/24RCEo versions all SIPLUS LOGO! 230RCE versions all SIPLUS LOGO! 230RCEo versions all SIPLUS LOGO! 24CE versions all SIPLUS LOGO! 24CEo versions all SIPLUS LOGO! 24RCE versions all SIPLUS LOGO! 24RCEo versions all Description: A vulnerability has been identified in the affected devices, which store user passwords in plaintext without proper protection. This could allow a physical attacker to retrieve them from the embedded storage ICs. The issue is related to the unencrypted storage of passwords in the open. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.