CVE-2020-25243

Name of the Vulnerable Software and Affected Versions: LOGO! Soft Comfort versions prior to V8.4

Description: A zip slip vulnerability could be triggered while importing a compromised project file to the affected software. This issue could ultimately lead to a system takeover by an attacker if chained with other vulnerabilities.

Recommendations: For versions prior to V8.4, update to version V8.4 or later to resolve the issue. As a temporary workaround, consider avoiding the import of project files from untrusted sources until a patch is applied. Restrict access to the project file import feature to minimize the risk of exploitation.