Page 2 of 22 results (0.015 seconds)

CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! • https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf • CWE-321: Use of Hard-coded Cryptographic Key •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The firmware update of affected devices contains the private RSA key that is used as a basis for encryption of communication with the device. Se ha identificado una vulnerabilidad en LOGO! • https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf • CWE-321: Use of Hard-coded Cryptographic Key •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port 8080/tcp. Se ha identificado una vulnerabilidad en LOGO! • https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The password used for authentication for the LOGO! Website and the LOGO! • https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf • CWE-522: Insufficiently Protected Credentials •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The implemented encryption for communication with affected devices is prone to replay attacks due to the usage of a static key. An attacker could change the password or change the configuration on any affected device if using prepared messages that were generated for another device. • https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •