VDB
CVE-2020-7593
CVE-2020-7593
PUBLISHED
CVSS 9.800000190734863 CRITICAL
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (V1.81.01 - V1.81.03), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.01), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.02). A buffer overflow vulnerability exists in the Web Server functionality of the device. A remote unauthenticated attacker could send a specially crafted HTTP request to cause a memory corruption, potentially resulting in remote code execution.
EPSS 17.29% · 95.2th percentile
Risk Scores
CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
17.29%
95.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens AG | LOGO! 8 BM (incl. SIPLUS variants) | V1.81.01 - V1.81.03, V1.82.01, V1.82.02 |
| siemens | logo\!_8_bm_firmware | 1.81.01, 1.82.01, 1.82.02 |
Timeline
- Jul 14, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
- Jan 7, 2023 EPSS Score
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-589181.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-573753.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-305120.pdf advisory
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1069 url
- https://nvd.nist.gov/vuln/detail/CVE-2020-7593 advisory