CVE-2020-25232

CVE-2020-25232

Vendor Siemens
Product LOGO! 8 BM (incl. SIPLUS variants)
Weakness CWE-327 · Broken crypto
Published December 14, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port 8080/tcp.

Key dates

02Disclosure timeline

December 14, 2020 CVE published
August 4, 2024 Record updated