Lucene search

SiemensCVELIST:CVE-2020-25228

HistoryDec 14, 2020 - 9:05 p.m.

CVE-2020-25228

2020-12-1421:05:18

CWE-306

siemens

www.cve.org

vulnerability

logo! 8 bm

unauthorized access

system manual

port 10005/tcp

AI Score

9.4

Confidence

High

EPSS

0.002

Percentile

54.1%

JSON

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access to this service. The system manual recommends to protect access to this port.

CNA Affected

[
  {
    "product": "LOGO! 8 BM (incl. SIPLUS variants)",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V8.3"
      }
    ]
  }
]

References

cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf