PT-2024-8115 · Siemens · Siplus Logo! 24Ce+6

Erwan Cordier

Published

2024-08-13

Updated

2024-08-13

CVE-2024-39922

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions: LOGO! 12/24RCE versions all LOGO! 12/24RCEo versions all LOGO! 230RCE versions all LOGO! 230RCEo versions all LOGO! 24CE versions all LOGO! 24CEo versions all LOGO! 24RCE versions all LOGO! 24RCEo versions all SIPLUS LOGO! 12/24RCE versions all SIPLUS LOGO! 12/24RCEo versions all SIPLUS LOGO! 230RCE versions all SIPLUS LOGO! 230RCEo versions all SIPLUS LOGO! 24CE versions all SIPLUS LOGO! 24CEo versions all SIPLUS LOGO! 24RCE versions all SIPLUS LOGO! 24RCEo versions all

Description: A vulnerability has been identified in the affected devices, which store user passwords in plaintext without proper protection. This could allow a physical attacker to retrieve them from the embedded storage ICs. The issue is related to the unencrypted storage of passwords in the open.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-256

Related Identifiers

BDU:2024-09644

CVE-2024-39922

Affected Products

Logo! 12/24Rce

Logo! 230Rce

Logo! 24Ce

Logo! 24Ceo

Siplus Logo! 12/24Rce

Siplus Logo! 230Rce

Siplus Logo! 24Ce

PT-2024-8115 · Siemens · Siplus Logo! 24Ce+6

CVE-2024-39922

Weakness Enumeration

Related Identifiers

Affected Products

References · 6