Vulnerabilities > CVE-2020-25231 - Use of Hard-coded Cryptographic Key vulnerability in Siemens Logo! 8 BM Firmware and Logo! Soft Comfort

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
siemens
CWE-321

Summary

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program files.

Common Weakness Enumeration (CWE)