Vulnerability CVE-2022-36360


Published: 2022-10-11

Description:
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker to manipulate a firmware update and flash it to the device.

 References:
https://cert-portal.siemens.com/productcert/pdf/ssa-928782.pdf

Copyright 2026, cxsecurity.com

 

Back to Top