CVE-2020-25234
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-25234
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions (UDF) in a password protected way. This protection is implemented in the software that displays the information. An attacker could reverse engineer the UDFs directly from stored program files.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的密码学密钥
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens LOGO! 8 BM 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens LOGO! 8 BM是德国西门子(Siemens)公司的一个用于工业环境用于Windows平台的编程软件。 Siemens LOGO 8BM 存在授权问题漏洞,对特定服务有访问权的攻击者可利用该漏洞,可能会在没有授权的情况下获得对所有服务的完整访问权。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Siemens | LOGO! 8 BM (incl. SIPLUS variants) | All versions < V8.3 | - | |
| Siemens | LOGO! Soft Comfort | All versions < V8.3 | - |
II. Public POCs for CVE-2020-25234
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-25234
请登录查看更多情报信息。
Same Patch Batch · Siemens · 2020-12-14 · 17 CVEs total
| CVE-2019-19283 | Siemens XHQ 信息泄露漏洞 | |
| CVE-2019-19284 | Siemens XHQ 跨站脚本漏洞 | |
| CVE-2019-19285 | Siemens XHQ 跨站脚本漏洞 | |
| CVE-2019-19286 | Siemens XHQ SQL注入漏洞 | |
| CVE-2019-19287 | Siemens XHQ 信息泄露漏洞 | |
| CVE-2019-19288 | Siemens XHQ 跨站脚本漏洞 | |
| CVE-2019-19289 | Siemens XHQ 跨站请求伪造漏洞 | |
| CVE-2020-15796 | Siemens SIMATIC Controller Web Servers 安全漏洞 | |
| CVE-2020-25228 | Siemens LOGO! 8 BM 访问控制错误漏洞 | |
| CVE-2020-25229 | Siemens LOGO! 8 BM 信任管理问题漏洞 | |
| CVE-2020-25230 | Siemens LOGO! 8 BM 加密问题漏洞 | |
| CVE-2020-25231 | Siemens LOGO! 8 BM 安全漏洞 | |
| CVE-2020-25232 | Siemens LOGO! 8 BM 加密问题漏洞 | |
| CVE-2020-25233 | Siemens LOGO! 8 BM 安全漏洞 | |
| CVE-2020-25235 | Siemens LOGO! 8 BM 安全漏洞 | |
| CVE-2020-28396 | 多款Siemens产品安全漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-321
- CVE-2026-8243
Industrial Application Software IAS Canias ERP JNLP Deployme - CVE-2026-6787
Usage of a hard-coded cryptographic key in WatchGuard Agent - CVE-2026-42518
Information Disclosure Vulnerability in e-Sushrut HMIS - CVE-2026-7306
Xuxueli xxl-job OpenAPI Endpoint OpenApiController.java hard - CVE-2026-32644
Milesight Cameras Use of Hard-coded Cryptographic Key
V. Comments for CVE-2020-25234
No comments yet