CVE-2020-7589
Last modified
CVE-2020-7589 is a critical-severity vulnerability rated 9.1/10 on the CVSS scale. A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). EPSS estimates a 1.99% chance of exploitation in the next 30 days.
Description
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). The vulnerability could lead to an attacker reading and modifying the device configuration and obtain project files from affected devices. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 135/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Logo\! 8 Bm Firmware | All versions |
References
- https://www.us-cert.gov/ics/advisories/icsa-20-161-03Third Party Advisory, US Government Resource
- https://www.us-cert.gov/ics/advisories/icsa-20-161-03Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-7589?
How severe is CVE-2020-7589?
How do I fix CVE-2020-7589?
Are you affected by CVE-2020-7589?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST