Vulnerability in Siemens Logo! 8 Bm (Incl. Siplus Variants)

CVE-2020-25231

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses a static key. An attacker could use thi…

EPSS: 0.001 (20.0th percentile) — read the EPSS interpretation.

Affected products

Siemens Logo! 8 Bm (Incl. Siplus Variants) — versions All versions < V8.3
Siemens Logo! Soft Comfort — versions All versions < V8.3

Weakness classification (CWE)

CWE-321 — Use of Hard-coded Cryptographic Key

References

cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf (x_refsource_MISC)