Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-mgxw-53vp-m2rh

Опубликовано: 11 окт. 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.5

Описание

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). Affected devices do not conduct certain validations when interacting with them. This could allow an unauthenticated remote attacker to manipulate the devices IP address, which means the device would not be reachable and could only be recovered by power cycling the device.

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). Affected devices do not conduct certain validations when interacting with them. This could allow an unauthenticated remote attacker to manipulate the devices IP address, which means the device would not be reachable and could only be recovered by power cycling the device.

Ссылки

EPSS

Процентиль: 74%
0.00809
Низкий

7.5 High

CVSS3

CVE ID

CVE-2022-36362

Дефекты

CWE-20

Связанные уязвимости

nvd логотип

CVE-2022-36362

CVSS3: 7.5
nvd
больше 3 лет назад

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA2) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA2) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA2) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA2) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA2) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA2) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA2) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7

fstec логотип

BDU:2024-07805

CVSS3: 7.5
fstec
больше 3 лет назад

Уязвимость микропрограммного обеспечения программируемых логических контроллеров Siemens LOGO!8 BM и SIPLUS LOGO!, связанная с недостаточной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 74%
0.00809
Низкий

7.5 High

CVSS3

CVE ID

CVE-2022-36362

Дефекты

CWE-20