Page 4 of 22 results (0.004 seconds)

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02). The integrated webserver does not invalidate the Session ID upon user logout. An attacker that successfully extracted a valid Session ID is able to use it even after the user logs out. • https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdf • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02). An attacker with network access to port 10005/tcp of the LOGO! device could cause a Denial-of-Service condition by sending specially crafted packets. • https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Unencrypted storage of passwords in the project could allow an attacker with access to port 10005/tcp to obtain passwords of the device. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. • http://packetstormsecurity.com/files/153124/Siemens-LOGO-8-Recoverable-Password-Format.html http://seclists.org/fulldisclosure/2019/May/49 http://www.securityfocus.com/bid/108382 https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf https://seclists.org/bugtraq/2019/May/74 • CWE-256: Plaintext Storage of a Password CWE-522: Insufficiently Protected Credentials •

CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 3

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. • http://packetstormsecurity.com/files/153123/Siemens-LOGO-8-Missing-Authentication.html http://seclists.org/fulldisclosure/2019/May/45 http://www.securityfocus.com/bid/108382 https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf https://seclists.org/bugtraq/2019/May/73 • CWE-306: Missing Authentication for Critical Function •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. • http://packetstormsecurity.com/files/153122/Siemens-LOGO-8-Hard-Coded-Cryptographic-Key.html http://seclists.org/fulldisclosure/2019/May/44 http://www.securityfocus.com/bid/108382 https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf https://seclists.org/bugtraq/2019/May/72 • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •