Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-25235

EPSS 0.31% · P54
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-25235

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recoverable format. An attacker with access to the network traffic could derive valid logins.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
不充分的凭证保护机制
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens LOGO! 8 BM 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens LOGO! 8 BM是德国西门子(Siemens)公司的一个用于工业环境用于Windows平台的编程软件。 Siemens LOGO! 8 BM 存在安全漏洞,该漏洞源于访问网络流量的攻击者可以获得有效的登录,这可能允许机密信息的泄露。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
SiemensLOGO! 8 BM (incl. SIPLUS variants) All versions < V8.3 -

II. Public POCs for CVE-2020-25235

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-25235

登录查看更多情报信息。

Same Patch Batch · Siemens · 2020-12-14 · 17 CVEs total

CVE-2019-19283Siemens XHQ 信息泄露漏洞
CVE-2019-19284Siemens XHQ 跨站脚本漏洞
CVE-2019-19285Siemens XHQ 跨站脚本漏洞
CVE-2019-19286Siemens XHQ SQL注入漏洞
CVE-2019-19287Siemens XHQ 信息泄露漏洞
CVE-2019-19288Siemens XHQ 跨站脚本漏洞
CVE-2019-19289Siemens XHQ 跨站请求伪造漏洞
CVE-2020-15796Siemens SIMATIC Controller Web Servers 安全漏洞
CVE-2020-25228Siemens LOGO! 8 BM 访问控制错误漏洞
CVE-2020-25229Siemens LOGO! 8 BM 信任管理问题漏洞
CVE-2020-25230Siemens LOGO! 8 BM 加密问题漏洞
CVE-2020-25231Siemens LOGO! 8 BM 安全漏洞
CVE-2020-25232Siemens LOGO! 8 BM 加密问题漏洞
CVE-2020-25233Siemens LOGO! 8 BM 安全漏洞
CVE-2020-25234Siemens LOGO! 8 BM 授权问题漏洞
CVE-2020-28396多款Siemens产品安全漏洞

IV. Related Vulnerabilities

Same product: LOGO! 8 BM (incl. SIPLUS variants)
Same vendor: Siemens
Same weakness: CWE-522

V. Comments for CVE-2020-25235

No comments yet

Leave a comment