Vulnerability Details CVE-2020-25234
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions (UDF) in a password protected way. This protection is implemented in the software that displays the information. An attacker could reverse engineer the UDFs directly from stored program files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.6%
CVSS Severity
CVSS v3 Score 7.7
CVSS v2 Score 3.6
References
Products affected by CVE-2020-25234
-
cpe:2.3:h:siemens:logo!_8_bm:-
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:-
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.81.01
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.81.03
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.81.04
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.82.01
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.82.02
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.82.03
-
cpe:2.3:o:siemens:logo!_8_bm_firmware:1.82.04