Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-36360

Published: 11/10/2022 Updated: 21/07/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Siemens

Vulnerability Summary

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an malicious user to manipulate a firmware update and flash it to the device.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siemens logo\\!_8_bm_firmware

siemens logo\\!8_bm_fs-05_firmware

ICS Advisories

Siemens LOGO!
Critical Infrastructure Sectors: Commercial Facilities, Transportation Systems

References

CWE-345CWE-354https://cert-portal.siemens.com/productcert/pdf/ssa-928782.pdfhttps://nvd.nist.govhttps://www.cisa.gov/uscert/ics/advisories/icsa-22-286-01
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook