Vulnerability Details CVE-2020-25232
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port 8080/tcp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-25232
-
cpe:2.3:h:siemens:logo!_8_bm:-
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:-
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.81.01
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.81.03
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.81.04
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.82.01
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.82.02
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.82.03
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.82.04