What is CVE-2020-25243?

CVE-2020-25243 is a medium-severity vulnerability in Siemens Logo! Soft Comfort, classified under Path Traversal. CVSS score: 5.1/10. Published 2021-04-22.

How severe is CVE-2020-25243?

Medium severity. CVSS v3 base score is 5.1 out of 10.

Path Traversal in Siemens Logo! Soft Comfort

CVE-2020-25243

A vulnerability has been identified in LOGO! Soft Comfort (All versions < V8.4). A zip slip vulnerability could be triggered while importing a compromised project file to the affected software. Chained with other vulnerabilities this vulne…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.001 (16.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.1 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:U/RC:C.

Affected products

Siemens Logo! Soft Comfort — versions All versions < V8.4

Weakness classification (CWE)

CWE-22 — Path Traversal

References

cert-portal.siemens.com/productcert/pdf/ssa-983300.pdf (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-25243?: CVE-2020-25243 is a medium-severity vulnerability in Siemens Logo! Soft Comfort, classified under Path Traversal. CVSS score: 5.1/10. Published 2021-04-22.
How severe is CVE-2020-25243?: Medium severity. CVSS v3 base score is 5.1 out of 10.