PT-2017-12677 · Siemens · Logo! Soft Comfort

Published

2017-12-26

Updated

2019-10-09

CVE-2017-12740

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Siemens LOGO! Soft Comfort versions prior to V8.2

Description The issue concerns a lack of integrity verification of software packages downloaded via an unprotected communication channel. This could allow a remote attacker to manipulate the software package while performing a Man-in-the-Middle (MitM) attack.

Recommendations For versions prior to V8.2, update to version V8.2 or later to resolve the issue.

Fix

Insufficient Verification of Data Authenticity

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-494CWE-345

Related Identifiers

CVE-2017-12740

Affected Products

Logo! Soft Comfort

PT-2017-12677 · Siemens · Logo! Soft Comfort

CVE-2017-12740

Weakness Enumeration

Related Identifiers

Affected Products

References · 3