cbcvebase.
CVE-2020-7593
published 2020-07-14

CVE-2020-7593: A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (V1.81.01 - V1.81.03), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.01), LOGO! 8 BM…

PriorityP264critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
9.07%
94.7th percentile
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (V1.81.01 - V1.81.03), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.01), LOGO! 8 BM (incl. SIPLUS variants) (V1.82.02). A buffer overflow vulnerability exists in the Web Server functionality of the device. A remote unauthenticated attacker could send a specially crafted HTTP request to cause a memory corruption, potentially resulting in remote code execution.

Affected

6 ranges
VendorProductVersion rangeFixed in
siemenslogo_!_8_bm_firmware
siemenslogo_!_8_bm_firmware
siemenslogo_!_8_bm_firmware1.81.01 – 1.81.03
siemens_aglogo!_8_bm
siemens_aglogo!_8_bm
siemens_aglogo!_8_bm

Detection & IOCsextracted from sources · hover to see the quote

snort
Snort Rules: 53441 - 53445, 53484
  • Exploit vector is a specially crafted unauthenticated HTTP request to the LOGO! 8 BM web server; detect anomalous/oversized HTTP requests targeting the device's web server interface.
  • No authentication is required to trigger the vulnerability; any unauthenticated HTTP request causing memory corruption to the LOGO! web server should be treated as suspicious.
  • CVSS vector indicates network-accessible, no privileges required, no user interaction — prioritize perimeter detection for inbound HTTP to LOGO! 8 BM devices.
  • ·Snort rules for this CVE are subject to change; always pull the latest rule definitions from Firepower Management Center or Snort.org rather than relying on static rule numbers.
  • ·No known public exploits specifically target this vulnerability at time of advisory publication — detection should focus on anomaly-based HTTP inspection rather than signature-matching known exploit payloads.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.