CVE-2020-25229

CVE-2020-25229

Vendor Siemens
Product LOGO! 8 BM (incl. SIPLUS variants)
Weakness CWE-321
Published December 14, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The implemented encryption for communication with affected devices is prone to replay attacks due to the usage of a static key. An attacker could change the password or change the configuration on any affected device if using prepared messages that were generated for another device.

Key dates

02Disclosure timeline

December 14, 2020 CVE published
August 4, 2024 Record updated