PT-2020-16025 · Siemens · Logo! 8 Bm

Published

2020-12-14

Updated

2020-12-16

CVE-2020-25228

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions LOGO! 8 BM (incl. SIPLUS variants) versions prior to V8.3

Description A vulnerability has been identified that could allow complete access to all services without authorization via a service available on port 10005/tcp. This could enable an attacker to gain full control over an affected device if they have access to this service. The system manual recommends protecting access to this port.

Recommendations For versions prior to V8.3, restrict access to port 10005/tcp to minimize the risk of exploitation. Consider implementing additional security measures as recommended by the system manual to protect access to this port.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2020-25228

Affected Products

Logo! 8 Bm

PT-2020-16025 · Siemens · Logo! 8 Bm

CVE-2020-25228

Weakness Enumeration

Related Identifiers

Affected Products

References · 3