Main Vulnerability Database Vulnerabilities #VU68119

#VU68119 Information disclosure in LOGO!8 BM - CVE-2022-36363

Published: October 11, 2022

Vulnerability identifier: #VU68119

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-36363

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
LOGO!8 BM

Software vendor:
Siemens

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected device does not properly validate an offset value which can be defined in TCP packets when calling a method. A remote attacker can retrieve parts of the content of the memory.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://cert-portal.siemens.com/productcert/pdf/ssa-955858.pdf

#VU68119 Information disclosure in LOGO!8 BM - CVE-2022-36363

Description

Remediation

External links

Please verify you're human