Vulnerability Details CVE-2017-12740
Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software packages downloaded via an unprotected communication channel. This could allow a remote attacker to manipulate the software package while performing a Man-in-the-Middle (MitM) attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.9%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
Products affected by CVE-2017-12740
-
cpe:2.3:a:siemens:logo!_soft_comfort:-
-
cpe:2.3:a:siemens:logo!_soft_comfort:2.0
-
cpe:2.3:a:siemens:logo!_soft_comfort:3.0
-
cpe:2.3:a:siemens:logo!_soft_comfort:3.1
-
cpe:2.3:a:siemens:logo!_soft_comfort:4.0
-
cpe:2.3:a:siemens:logo!_soft_comfort:5.0
-
cpe:2.3:a:siemens:logo!_soft_comfort:6.1
-
cpe:2.3:a:siemens:logo!_soft_comfort:7.0
-
cpe:2.3:a:siemens:logo!_soft_comfort:8.0
-
cpe:2.3:a:siemens:logo!_soft_comfort:8.1