CVE-2020-25244
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in LOGO! Soft Comfort (All versions < V8.4). The software insecurely loads libraries which makes it vulnerable to DLL hijacking.
Successful exploitation by a local attacker could lead to a takeover of the system
where the software is installed.
Se ha identificado una vulnerabilidad en LOGO! Soft Comfort (todas las versiones). El software carga bibliotecas de manera no segura, lo que lo hace vulnerable al secuestro de DLL. Una explotación con éxito por parte de un atacante local podría conllevar a una toma de control del sistema donde está instalado el software
A vulnerability has been identified in LOGO! Soft Comfort (All versions < V8.4). The software insecurely loads libraries which makes it vulnerable to DLL hijacking. Successful exploitation by a local attacker could lead to a takeover of the system where the software is installed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-09-10 CVE Reserved
- 2021-04-22 CVE Published
- 2024-08-04 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-427: Uncontrolled Search Path Element
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-983300.pdf | 2023-12-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Logo\! Soft Comfort Search vendor "Siemens" for product "Logo\! Soft Comfort" | * | - |
Affected
| ||||||