Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-7593

EPSS 17.29% · P95
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-7593

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (V1.81.01 - V1.81.03), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.01), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.02). A buffer overflow vulnerability exists in the Web Server functionality of the device. A remote unauthenticated attacker could send a specially crafted HTTP request to cause a memory corruption, potentially resulting in remote code execution.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens LOGO! 8 BM 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens LOGO!8 BM是德国西门子(Siemens)公司的一款可编程逻辑控制器。 LOGO! 8 BM(包括:SIPLUS variants)V1.81.01版本至V1.81.03版本、V1.82.01版本和V1.82.02版本中的Web Server功能存在缓冲区错误漏洞。远程攻击者可借助特制的HTTP请求利用该漏洞损坏内存,可能执行代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Siemens AGLOGO! 8 BM (incl. SIPLUS variants) V1.81.01 - V1.81.03 -
Siemens AGLOGO! 8 BM (incl. SIPLUS variants) V1.82.01 -
Siemens AGLOGO! 8 BM (incl. SIPLUS variants) V1.82.02 -

II. Public POCs for CVE-2020-7593

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-7593

登录查看更多情报信息。

Same Patch Batch · Siemens AG · 2020-07-14 · 12 CVEs total

CVE-2020-10037Siemens SICAM MMU、SGU和T 缓冲区错误漏洞
CVE-2020-10038Siemens SICAM MMU、SGU和T 访问控制错误漏洞
CVE-2020-10039Siemens SICAM MMU、SGU和T 安全漏洞
CVE-2020-10040Siemens SICAM MMU、SGU和T 安全漏洞
CVE-2020-10041Siemens SICAM MMU、SGU和T 跨站脚本漏洞
CVE-2020-10042Siemens SICAM MMU、SGU和T 缓冲区错误漏洞
CVE-2020-10043Siemens SICAM MMU、SGU和T 跨站脚本漏洞
CVE-2020-10044Siemens SICAM MMU、SGU和T 访问控制错误漏洞
CVE-2020-10045Siemens SICAM MMU、SGU和T 访问控制错误漏洞
CVE-2020-7584SIMATIC S7-200 SMART SR CPU和ST CPU 资源管理错误漏洞
CVE-2020-7592多款Siemens产品安全漏洞

IV. Related Vulnerabilities

Same product: LOGO! 8 BM (incl. SIPLUS variants)
Same vendor: Siemens AG
Same weakness: CWE-120

V. Comments for CVE-2020-7593

No comments yet

Leave a comment