CVE-2025-40815 PUBLISHED CVSS 7.2 HIGH

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA2) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA2) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA2) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA2) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA2) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA2) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA2) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA2) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA2) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA2) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA2) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA2) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA2) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA2) (All versions). Affected devices do not properly validate the structure of TCP packets in several methods. This could allow an attacker to cause buffer overflows, get control over the instruction counter and run custom code.

EPSS 0.08% · 22.6th percentile

Risk Scores

CVSS v3.1: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.08% (22.6th percentile)

Affected Products

| Vendor | Product | Versions |
| --- | --- | --- |
| Siemens | LOGO! 12/24RCEo | 0 |
| Siemens | SIPLUS LOGO! 24CE | 0 |
| Siemens | SIPLUS LOGO! 24CEo | 0 |
| Siemens | LOGO! 24RCEo | 0 |
| Siemens | LOGO! 230RCEo | 0 |
| Siemens | SIPLUS LOGO! 24RCEo | 0 |
| Siemens | SIPLUS LOGO! 230RCE | 0 |
| Siemens | LOGO! 24CE | 0 |
| Siemens | LOGO! 24CEo | 0 |
| Siemens | SIPLUS LOGO! 230RCEo | 0 |
| Siemens | SIPLUS LOGO! 24RCE | 0 |
| Siemens | LOGO! 12/24RCE | 0 |
| Siemens | SIPLUS LOGO! 12/24RCE | 0 |
| Siemens | SIPLUS LOGO! 12/24RCEo | 0 |
| Siemens | LOGO! 230RCE | 0 |
| Siemens | LOGO! 24RCE | 0 |
