Security Advisory

CVE-2022-36360

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-11 00:00:00

Last updated 2024-08-03 10:00:04

Assigner siemens

State PUBLISHED

Description

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker to manipulate a firmware update and flash it to the device.

← Browse all CVEs View on cve.org ↗