VDB

CISA-2025-40817

CISA-2025-40817 PUBLISHED CVSS 6.5 MEDIUM

Reported by siemens · Published November 11, 2025

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA2) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA2) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA2) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA2) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA2) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA2) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA2) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA2) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA2) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA2) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA2) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA2) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA2) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA2) (All versions). Affected devices do not conduct certain validations when interacting with them. This could allow an unauthenticated remote attacker to change time of the device, which means the device could behave differently.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products

VendorProductVersions
SiemensLOGO! 12/24RCE0
SiemensLOGO! 12/24RCEo0
SiemensLOGO! 230RCE0
SiemensLOGO! 230RCEo0
SiemensLOGO! 24CE0
SiemensLOGO! 24CEo0
SiemensLOGO! 24RCE0
SiemensLOGO! 24RCEo0
SiemensSIPLUS LOGO! 12/24RCE0
SiemensSIPLUS LOGO! 12/24RCEo0
SiemensSIPLUS LOGO! 230RCE0
SiemensSIPLUS LOGO! 230RCEo0
SiemensSIPLUS LOGO! 24CE0
SiemensSIPLUS LOGO! 24CEo0
SiemensSIPLUS LOGO! 24RCE0
SiemensSIPLUS LOGO! 24RCEo0
SiemensLOGO! 24CE0, 0
SiemensSIPLUS LOGO! 230RCE0, 0
SiemensSIPLUS LOGO! 24RCE0, 0
SiemensSIPLUS LOGO! 24CE0, 0

…and 12 more

Timeline

  • Nov 11, 2025 CVE Published
  • Nov 12, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›