Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-25234

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-14 Dec, 2020 | 21:05
Updated At-04 Aug, 2024 | 15:33
Rejected At-
Credits

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions (UDF) in a password protected way. This protection is implemented in the software that displays the information. An attacker could reverse engineer the UDFs directly from stored program files.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:14 Dec, 2020 | 21:05
Updated At:04 Aug, 2024 | 15:33
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions (UDF) in a password protected way. This protection is implemented in the software that displays the information. An attacker could reverse engineer the UDFs directly from stored program files.

Affected Products
Vendor
Siemens AGSiemens
Product
LOGO! 8 BM (incl. SIPLUS variants)
Versions
Affected
  • All versions < V8.3
Vendor
Siemens AGSiemens
Product
LOGO! Soft Comfort
Versions
Affected
  • All versions < V8.3
Problem Types
TypeCWE IDDescription
CWECWE-321CWE-321: Use of Hard-coded Cryptographic Key
Type: CWE
CWE ID: CWE-321
Description: CWE-321: Use of Hard-coded Cryptographic Key
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf
x_refsource_MISC
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf
x_refsource_MISC
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:14 Dec, 2020 | 21:15
Updated At:16 Dec, 2020 | 15:48

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions (UDF) in a password protected way. This protection is implemented in the software that displays the information. An attacker could reverse engineer the UDFs directly from stored program files.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.7HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary2.03.6LOW
AV:L/AC:L/Au:N/C:P/I:P/A:N
Type: Primary
Version: 3.1
Base score: 7.7
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Type: Primary
Version: 2.0
Base score: 3.6
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:N
CPE Matches
Siemens AG
siemens
>>logo\!_8_bm_firmware>>Versions before 8.3(exclusive)
cpe:2.3:o:siemens:logo\!_8_bm_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>logo\!_8_bm>>-
cpe:2.3:h:siemens:logo\!_8_bm:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-321Primaryproductcert@siemens.com
CWE ID: CWE-321
Type: Primary
Source: productcert@siemens.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

18Records found
CVE-2016-3155
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.4||LOW
EPSS-0.04% / 12.03%
||
7 Day CHG~0.00%
Published-18 Mar, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors.

Action-Not Available
Vendor-n/aSiemens AG
Product-apogee_insightn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2024-35206
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-8.5||HIGH
EPSS-0.33% / 55.43%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 11:15
Updated-11 Feb, 2025 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). The affected application does not expire the session. This could allow an attacker to get unauthorized access.

Action-Not Available
Vendor-Siemens AG
Product-sinec_traffic_analyzerSINEC Traffic Analyzersinec_traffic_analyzer
CWE ID-CWE-613
Insufficient Session Expiration
CVE-2020-27002
Matching Score-8
Assigner-Siemens
ShareView Details
Matching Score-8
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.08% / 22.63%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 15:38
Updated-04 Aug, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12043)

Action-Not Available
Vendor-Siemens AG
Product-jt2goteamcenter_visualizationJT2GoTeamcenter Visualization
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-44318
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.16% / 36.37%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 11:03
Updated-12 Aug, 2025 | 11:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the exported file.

Action-Not Available
Vendor-Siemens AG
Product-6gk5216-0ha00-2as6_firmware6gk5213-3bf00-2ab26gk5216-0ba00-2tb26gk5204-2aa00-2gf26gk5205-3bd00-2ab2_firmware6gk5213-3bd00-2ab2_firmware6gk5206-2rs00-2ac2_firmware6gk5224-4gs00-2fc26gk5328-4fs00-3ar36gk5213-3bd00-2tb26gk5206-2bs00-2fc26gk5205-3bb00-2ab26gk5206-2rs00-2ac26gk5206-2bs00-2fc2_firmware6gk5328-4fs00-2rr36gk5208-0ba00-2tb26gk5208-0ha00-2as6_firmware6gk5208-0ha00-2ts6_firmware6gk5205-3bb00-2ab2_firmware6gk5216-0ba00-2fc2_firmware6gk5224-4gs00-2tc26gk5206-2bb00-2ac26gk5206-2gs00-2tc26gk5326-2qs00-3ar3_firmware6gk5213-3bf00-2tb2_firmware6gk5216-3rs00-5ac2_firmware6gk5216-0ua00-5es66gk5206-2bd00-2ac26gk5216-4gs00-2tc2_firmware6gk5328-4ss00-2ar36gk5216-4bs00-2ac26gk5208-0ha00-2as66gk5213-3bb00-2ab26gk5213-3bb00-2ab2_firmware6gk5208-0ba00-2ac26gk5216-4bs00-2ac2_firmware6gk5208-0ba00-2fc26gk5216-0ba00-2ac2_firmware6gk5328-4fs00-3ar3_firmware6gk5204-0ba00-2gf2_firmware6gk5208-0ra00-5ac26gk5216-0ha00-2es66gk5216-0ha00-2es6_firmware6gk5224-4gs00-2tc2_firmware6gk5216-0ba00-2fc26gk5216-0ua00-5es6_firmware6gk5213-3bd00-2ab26ag1208-0ba00-7ac2_firmware6ag1206-2bs00-7ac26gk5208-0ra00-2ac2_firmware6gk5216-4gs00-2tc26ag1206-2bs00-7ac2_firmware6gk5224-4gs00-2fc2_firmware6gk5324-0ba00-2ar3_firmware6gk5206-2gs00-2ac26gk5208-0ha00-2ts66gk5326-2qs00-3ar36ag1206-2bb00-7ac2_firmware6ag1216-4bs00-7ac26gk5208-0ba00-2ab2_firmware6gk5206-2bd00-2ac2_firmware6gk5204-0ba00-2yf2_firmware6gk5206-2bs00-2ac26gk5328-4ss00-3ar36gk5208-0ga00-2tc2_firmware6gk5208-0ba00-2fc2_firmware6gk5205-3bf00-2tb26gk5206-2rs00-5ac26gk5205-3bd00-2tb26gk5328-4ss00-3ar3_firmware6gk5224-4gs00-2ac2_firmware6gk5324-0ba00-3ar3_firmware6gk5328-4fs00-3rr36gk5216-0ba00-2ab2_firmware6gk5328-4ss00-2ar3_firmware6gk5205-3bb00-2tb2_firmware6gk5216-0ba00-2ab26gk5216-4gs00-2fc26gk5213-3bd00-2tb2_firmware6gk5216-4gs00-2ac26gk5216-3rs00-5ac26gk5216-3rs00-2ac26gk5208-0ga00-2ac2_firmware6gk5205-3bf00-2ab26gk5208-0ga00-2ac26gk5224-4gs00-2ac26gk5206-2gs00-2tc2_firmware6gk5206-2gs00-2ac2_firmware6gk5208-0ga00-2fc2_firmware6gk5206-2rs00-5fc26gk5208-0ba00-2ac2_firmware6gk5326-2qs00-3rr36gk5328-4fs00-2ar3_firmware6gk5326-2qs00-3rr3_firmware6gk5208-0ra00-5ac2_firmware6gk5204-2aa00-2yf2_firmware6gk5204-2aa00-2yf26gk5216-0ha00-2ts66gk5205-3bf00-2ab2_firmware6gk5216-4gs00-2ac2_firmware6gk5206-2rs00-5ac2_firmware6gk5216-3rs00-2ac2_firmware6gk5208-0ba00-2tb2_firmware6gk5216-0ha00-2as66gk5204-0ba00-2yf26gk5208-0ua00-5es6_firmware6gk5204-2aa00-2gf2_firmware6gk5208-0ua00-5es66gk5213-3bb00-2tb26gk5216-0ba00-2tb2_firmware6gk5206-2bs00-2ac2_firmware6gk5208-0ga00-2tc26gk5206-2gs00-2fc2_firmware6gk5204-0ba00-2gf26gk5206-2bb00-2ac2_firmware6ag1206-2bb00-7ac26gk5213-3bb00-2tb2_firmware6gk5208-0ha00-2es66gk5205-3bf00-2tb2_firmware6gk5206-2rs00-5fc2_firmware6gk5216-4gs00-2fc2_firmware6gk5324-0ba00-3ar36gk5205-3bd00-2tb2_firmware6gk5328-4fs00-2ar36gk5216-0ba00-2ac26gk5206-2gs00-2fc26ag1208-0ba00-7ac26gk5328-4fs00-2rr3_firmware6ag1216-4bs00-7ac2_firmware6gk5224-0ba00-2ac2_firmware6gk5208-0ga00-2fc26gk5213-3bf00-2ab2_firmware6gk5208-0ra00-2ac26gk5328-4fs00-3rr3_firmware6gk5208-0ba00-2ab26gk5205-3bd00-2ab26gk5324-0ba00-2ar36gk5216-0ha00-2ts6_firmware6gk5213-3bf00-2tb26gk5224-0ba00-2ac26gk5208-0ha00-2es6_firmware6gk5205-3bb00-2tb2SCALANCE XC208SCALANCE XB213-3 (ST, E/IP)SCALANCE M876-3SCALANCE XR326-2C PoE WGSCALANCE MUM853-1 (EU)SCALANCE XB205-3 (ST, PN)SCALANCE XC216-4C G EECSCALANCE XB208 (E/IP)SCALANCE XP208SCALANCE XP208GSCALANCE M816-1 ADSL-RouterSCALANCE S615 LAN-RouterSCALANCE XP216G EECSCALANCE XP216EEC (V2)SCALANCE M804PBSCALANCE XP208G PoE EECSIPLUS NET SCALANCE XC208SCALANCE XB205-3LD (SC, E/IP)SCALANCE XP216SCALANCE XC206-2G PoE (54 V DC)SCALANCE S615 EEC LAN-RouterSCALANCE XP208PoE EECSCALANCE M876-4SCALANCE XB213-3LD (SC, PN)SCALANCE MUM856-1 (EU)SCALANCE MUM856-1 (RoW)SCALANCE XB213-3 (ST, PN)SCALANCE XF204-2BASCALANCE XC216-4C G (EIP Def.)SIPLUS NET SCALANCE XC206-2SCALANCE XC208G PoE (54 V DC)SCALANCE M874-2SCALANCE XB206-2 STSIPLUS NET SCALANCE XC206-2SFPSCALANCE XP216GSCALANCE XC206-2G PoE EEC (54 V DC)SCALANCE XC206-2G PoESCALANCE XC216SCALANCE XB213-3 (SC, PN)SCALANCE XC216-3G PoE (54 V DC)SCALANCE XF204GSCALANCE XB206-2 (ST/BFOC)SCALANCE XC206-2 (ST/BFOC)SCALANCE XC224SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)RUGGEDCOM RM1224 LTE(4G) NAMSCALANCE XC206-2SFP EECSCALANCE XP208EECSCALANCE XP216G PoE EECSCALANCE XC216EECSCALANCE XF204-2BA DNASCALANCE XC206-2 (SC)SCALANCE M826-2 SHDSL-RouterSCALANCE XC216-4C GSCALANCE XC216-3G PoESCALANCE M874-3SCALANCE XP216PoE EEC (V2)SCALANCE XB206-2LDSCALANCE XC224-4C G EECSCALANCE XC208EECSCALANCE XC208GSCALANCE XB208 (PN)SCALANCE XB216 (E/IP)SCALANCE XC206-2SFP G EECSCALANCE XF204SCALANCE XP208G EECSCALANCE XP216 (Ethernet/IP)SCALANCE XC206-2SFP GSCALANCE XC206-2SFP G (EIP DEF.)SCALANCE XR324WG (24 X FE, DC 24V)SCALANCE XB205-3 (ST, E/IP)SCALANCE XR328-4C WG (28xGE, DC 24V)SCALANCE XB206-2 SCSIPLUS NET SCALANCE XC216-4CSCALANCE XC208G PoESCALANCE XR324WG (24 x FE, AC 230V)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE M812-1 ADSL-RouterSCALANCE XC224-4C G (EIP Def.)SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SCALANCE XC216-4CSCALANCE XB216 (PN)SCALANCE XP216EECSCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE XR328-4C WG (28xGE, AC 230V)SCALANCE XC224-4C GSCALANCE M876-4 (EU)SCALANCE XP208G PPSCALANCE XB213-3LD (SC, E/IP)SCALANCE XB213-3 (SC, E/IP)SCALANCE XB205-3LD (SC, PN)SCALANCE M876-3 (ROK)SCALANCE XB205-3 (SC, PN)SCALANCE XC208G EECSCALANCE XP216POE EECSCALANCE XR326-2C PoE WG (without UL)SCALANCE M876-4 (NAM)SCALANCE XP216 (V2)SCALANCE XB206-2 (SC)SCALANCE XP208 (Ethernet/IP)SCALANCE XC206-2SFPSCALANCE XB206-2 LDSCALANCE XC208G (EIP def.)SCALANCE XF204 DNA
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2021-27392
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-8.8||HIGH
EPSS-0.24% / 47.42%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 20:42
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3), Siveillance Video Open Network Bridge (2020 R2), Siveillance Video Open Network Bridge (2020 R1), Siveillance Video Open Network Bridge (2019 R3), Siveillance Video Open Network Bridge (2019 R2), Siveillance Video Open Network Bridge (2019 R1), Siveillance Video Open Network Bridge (2018 R3), Siveillance Video Open Network Bridge (2018 R2). Affected Open Network Bridges store user credentials for the authentication between ONVIF clients and ONVIF server using a hard-coded key. The encrypted credentials can be retrieved via the MIP SDK. This could allow an authenticated remote attacker to retrieve and decrypt all credentials stored on the ONVIF server.

Action-Not Available
Vendor-Siemens AG
Product-siveillance_video_open_network_bridgeSiveillance Video Open Network Bridge
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2021-27389
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 60.63%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 20:42
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions < V12.30). A private sign key is shipped with the product without adequate protection.

Action-Not Available
Vendor-Siemens AG
Product-opcenter_qualityqms_automotiveQMS AutomotiveOpcenter Quality
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2020-25231
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.60%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:05
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program files.

Action-Not Available
Vendor-Siemens AG
Product-logo\!_soft_comfortlogo\!_8_bmlogo\!_8_bm_firmwareLOGO! 8 BM (incl. SIPLUS variants)LOGO! Soft Comfort
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-46889
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.30% / 53.23%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 12:49
Updated-13 Nov, 2024 | 23:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could allow an attacker to learn that cryptographic key material through reverse engineering of the application binary and decrypt arbitrary backup files.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INSsinec_ins
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2019-13929
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.28%
||
7 Day CHG~0.00%
Published-10 Oct, 2019 | 13:49
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write access to the related TeamCenter station. The security vulnerability could be exploited only if the attacker is authenticated. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises the confidentiality of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_it_uadmSIMATIC IT UADM
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2024-30207
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-10||CRITICAL
EPSS-1.90% / 82.89%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 10:02
Updated-02 Aug, 2024 | 01:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). The affected systems use symmetric cryptography with a hard-coded key to protect the communication between client and server. This could allow an unauthenticated remote attacker to compromise confidentiality and integrity of the communication and, subsequently, availability of the system. A successful exploit requires the attacker to gain knowledge of the hard-coded key and to be able to intercept the communication between client and server on the network.

Action-Not Available
Vendor-Siemens AG
Product-SIMATIC RTLS Locating Managersimatic_rtls_locating_manager
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2020-28395
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.9||MEDIUM
EPSS-0.17% / 38.24%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 00:00
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.0). Devices do not create a new unique private key after factory reset. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xr326-2c_poe_wg_firmwarescalance_xr324-12mscalance_xr324-12m_tsscalance_xr324-4m_eecscalance_xr324-4m_poescalance_xr328-4c_wgscalance_xr324-4m_poe_firmwarescalance_xr324wgscalance_xr324-4m_eec_firmwarescalance_xr324-12m_ts_firmwarescalance_xr326-2c_poe_wgscalance_xr324wg_firmwarescalance_xr328-4c_wg_firmwarescalance_xr324-4m_poe_tsscalance_xr324-4m_poe_ts_firmwarescalance_xr324-12m_firmwareSCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)SCALANCE X-200RNA switch family
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-28391
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.9||MEDIUM
EPSS-0.12% / 31.88%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 00:00
Updated-04 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0), SCALANCE X-200RNA switch family (All versions < V3.2.7). Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use the hardcoded private RSA-key shipped with the firmware-image. An attacker could leverage this situation to a man-in-the-middle situation and decrypt previously captured traffic.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xc208scalance_xf206-1_firmwarescalance_xb205-3scalance_xc216eec_firmwarescalance_x320-1fe_firmwarescalance_xp208scalance_xc206-2sfp_g_\(e\/ip\)scalance_xc224-4c_g_eec_firmwarescalance_xc206-2sfp_g_eec_firmwarescalance_xp216scalance_xb213-3_firmwarescalance_x202-2irtscalance_xb205-3ldscalance_xc208g_eecscalance_xf204-2scalance_xc206-2sfp_g_firmwarescalance_xc216-4c_g_\(e\/ip\)_firmwarescalance_xb205-3_firmwarescalance_x308-2lh\+_firmwarescalance_x308-2ld_firmwarescalance_xb216_firmwarescalance_xp216poe_eec_firmwarescalance_xb213-3ldscalance_xf204-2ba_irtscalance_xc206-2g_poe__firmwarescalance_xf208_firmwarescalance_xc208g_eec_firmwarescalance_x204irt_firmwarescalance_xf204scalance_x308-2lh\+scalance_x202-2pirtscalance_xc208eec_firmwarescalance_xf204_dnascalance_xc208g_poescalance_x307-3_firmwarescalance_xc224-4c_g_\(e\/ip\)_firmwarescalance_xb213-3ld_firmwarescalance_x310fe_firmwarescalance_xf204-2ba_irt_firmwarescalance_x308-2ldscalance_xc216scalance_x308-2scalance_x200-4pirtscalance_xc206-2sfp_g_eecscalance_x201-3pirtscalance_xc206-2sfp_g_\(e\/ip\)_firmwarescalance_xp216eec_firmwarescalance_xc208g_\(e\/ip\)_firmwarescalance_xp208eecscalance_x202-2pirt_siplus_netscalance_xb208scalance_x308-2m_tsscalance_xc206-2g_poe_eecscalance_xc216-4c_g_firmwarescalance_xc206-2g_poe_scalance_x202-2irt_firmwarescalance_x307-3ldscalance_xc224__firmwarescalance_xf201-3p_irt_firmwarescalance_xc206-2sfp_gscalance_xp208poe_eecscalance_xf204-2ba_dnascalance_xc206-2_firmwarescalance_xb213-3scalance_x310fescalance_xc224-4c_g_scalance_xc216-4c_firmwarescalance_xp216poe_eecscalance_x308-2_firmwarescalance_xc216-4c_g_\(e\/ip\)scalance_x320-3ldfe_firmwarescalance_x307-3ld_firmwarescalance_x308-2lhscalance_x202-2pirt_firmwarescalance_x201-3pirt_firmwarescalance_x310scalance_xb205-3ld_firmwarescalance_xc224-4c_g_eecscalance_xc224_scalance_xp216_\(eip\)_firmwarescalance_xc216eecscalance_xf204_firmwarescalance_x308-2m_firmwarescalance_xp208_\(eip\)scalance_xc208gscalance_xb216scalance_xf204-2_firmwarescalance_xf202-2p_irtscalance_x308-2mscalance_xc206-2g_poe_eec_firmwarescalance_xc216_firmwarescalance_xc208eecscalance_xc206-2sfp_eec_firmwarescalance_xc216-4cscalance_x202-2pirt_siplus_net_firmwarescalance_xf204_dna_firmwarescalance_xc208g_firmwarescalance_xc206-2sfpscalance_xc208_firmwarescalance_x308-2m_ts_firmwarescalance_xp216_\(eip\)scalance_xf201-3p_irtscalance_xf208scalance_xp208_\(eip\)_firmwarescalance_xf204irtscalance_xp208eec_firmwarescalance_x204irtscalance_xc206-2sfp_firmwarescalance_xc208g_\(e\/ip\)scalance_xb208_firmwarescalance_xc224-4c_g__firmwarescalance_x308-2lh_firmwarescalance_xc206-2scalance_x320-3ldfescalance_xc208g_poe_firmwarescalance_xf206-1scalance_x310_firmwarescalance_x200-4pirt_firmwarescalance_xf204-2ba_dna_firmwarescalance_xc224-4c_g_\(e\/ip\)scalance_x320-1fescalance_xc216-4c_g_eec_firmwarescalance_xf202-2p_irt_firmwarescalance_xp216_firmwarescalance_x307-3scalance_xp208_firmwarescalance_xp208poe_eec_firmwarescalance_xp216eecscalance_xf204irt_firmwarescalance_xc216-4c_g_eecscalance_xc206-2sfp_eecscalance_xc216-4c_gSCALANCE X-200RNA switch familySCALANCE X-200 switch family (incl. SIPLUS NET variants)SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-25233
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 19.60%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:05
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The firmware update of affected devices contains the private RSA key that is used as a basis for encryption of communication with the device.

Action-Not Available
Vendor-Siemens AG
Product-logo\!_8_bmlogo\!_8_bm_firmwareLOGO! 8 BM (incl. SIPLUS variants)
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2020-25229
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.95%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:05
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The implemented encryption for communication with affected devices is prone to replay attacks due to the usage of a static key. An attacker could change the password or change the configuration on any affected device if using prepared messages that were generated for another device.

Action-Not Available
Vendor-Siemens AG
Product-logo\!_8_bmlogo\!_8_bm_firmwareLOGO! 8 BM (incl. SIPLUS variants)
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2019-10920
Matching Score-6
Assigner-Siemens
ShareView Details
Matching Score-6
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.81% / 73.80%
||
7 Day CHG~0.00%
Published-14 May, 2019 | 19:54
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-logo\!8_bm_firmwarelogo\!8_bmLOGO! 8 BM (incl. SIPLUS variants)
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-56429
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.7||HIGH
EPSS-0.02% / 6.10%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 00:00
Updated-21 May, 2025 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key (found in iLabClient.jar) for local users to read or write to the database.

Action-Not Available
Vendor-itech
Product-iLabClient
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2018-10896
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 30.05%
||
7 Day CHG~0.00%
Published-01 Aug, 2018 | 17:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one another or conduct man-in-the-middle attacks.

Action-Not Available
Vendor-Canonical Ltd.
Product-cloud-initcloud-init
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CVE-2021-23842
Matching Score-4
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-4
Assigner-Robert Bosch GmbH
CVSS Score-5.7||MEDIUM
EPSS-0.03% / 7.12%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 20:38
Updated-16 Sep, 2024 | 21:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Hard-coded Cryptographic Key

Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric encryption called Blowfish. An attacker could retrieve the key from the firmware to decrypt network traffic between the AMC2 and the host system. Thus, an attacker can exploit this vulnerability to decrypt and modify network traffic, decrypt and further investigate the device\'s firmware file, and change the device configuration. The attacker needs to have access to the local network, typically even the same subnet.

Action-Not Available
Vendor-Robert Bosch GmbH
Product-access_management_systemaccess_professional_editionamc2_firmwarebuilding_integration_systemamc2BISAMSAPEAMC2
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
Details not found