CVE-2022-36361
Published 2022-10-11
Priority: P261 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.90% (55.2th percentile)
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions). Affected devices do not properly validate the structure of TCP packets in several methods. This could allow an attacker to cause buffer overflows, get control over the instruction counter and run custom code.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | logo!_12_24rce | < * | * |
| siemens | logo!_12_24rceo | < * | * |
| siemens | logo!_230rce | < * | * |
| siemens | logo!_230rceo | < * | * |
| siemens | logo!_24ce | < * | * |
| siemens | logo!_24ceo | < * | * |
| siemens | logo!_24rce | < * | * |
| siemens | logo!_24rceo | < * | * |
| siemens | siplus_logo!_12_24rce | < * | * |
| siemens | siplus_logo!_12_24rceo | < * | * |
| siemens | siplus_logo!_230rce | < * | * |
| siemens | siplus_logo!_230rceo | < * | * |
| siemens | siplus_logo!_24ce | < * | * |
| siemens | siplus_logo!_24ceo | < * | * |
| siemens | siplus_logo!_24rce | < * | * |
| siemens | siplus_logo!_24rceo | < * | * |
Detection & IOCs (extracted from sources)
- Monitor for malformed or anomalous TCP packets targeting LOGO! 8 BM devices on ports 10005/TCP (pre-V8.3) and 8443/TCP (V8.3+); the affected devices do not properly validate TCP packet structure, which can lead to a buffer overflow and control of the instruction counter.
- Alert on any unauthenticated remote connections to LOGO! 8 BM devices on the identified TCP ports from untrusted IP addresses; the vulnerability requires no authentication and has low attack complexity (CVSS AV:N/AC:L/PR:N/UI:N).
- No public exploits were known at time of advisory publication, but the vulnerability is remotely exploitable with low attack complexity and no authentication required.
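The second detection item above can be run against network flow records as in the following added example, which is not taken from the advisory or from any indexed source. The device addresses, the trusted engineering subnet and the flow-record format are assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

# Ports named on this page: 10005/TCP (pre-V8.3) and 8443/TCP (V8.3+).
LOGO_PORTS = {10005, 8443}

# Assumed for illustration (not from the advisory): device inventory and trusted networks.
LOGO_DEVICES = {ipaddress.ip_address(a) for a in ("192.0.2.10", "192.0.2.11")}
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.64/28")]  # engineering stations

# Constructed sample flow records: "time src sport dst dport proto"
SAMPLE_FLOWS = """\
2022-10-14T08:00:01Z 192.0.2.66 50122 192.0.2.10 8443 tcp
2022-10-14T08:03:17Z 198.51.100.23 41000 192.0.2.10 10005 tcp
2022-10-14T08:03:19Z 198.51.100.23 41002 192.0.2.11 8443 tcp
2022-10-14T08:05:40Z 203.0.113.5 55310 192.0.2.10 443 tcp
2022-10-14T08:06:02Z 203.0.113.5 55311 192.0.2.11 10005 udp
malformed line
"""

def parse_flow(line):
    """Return (time, src, dst, dport, proto) or None if the line is unusable."""
    parts = line.split()
    if len(parts) != 6:
        return None
    try:
        return (parts[0], ipaddress.ip_address(parts[1]),
                ipaddress.ip_address(parts[3]), int(parts[4]), parts[5].lower())
    except ValueError:
        return None

def find_alerts(text):
    """Map each untrusted source to the (time, dst, dport) flows it opened to LOGO! ports."""
    alerts = defaultdict(list)
    for line in text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue
        ts, src, dst, dport, proto = flow
        if proto != "tcp" or dst not in LOGO_DEVICES or dport not in LOGO_PORTS:
            continue
        if any(src in net for net in TRUSTED_NETS):
            continue
        alerts[str(src)].append((ts, str(dst), dport))
    return dict(alerts)

if __name__ == "__main__":
    for src, hits in find_alerts(SAMPLE_FLOWS).items():
        print(f"ALERT untrusted source {src}: {len(hits)} connection(s) -> {hits}")
```

Flow records show who connected, not whether the packets were malformed, so this covers the connection-based alert only; the packet-structure monitoring in the first item needs payload inspection.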
GHSA
GHSA-jhfv-fgvm-hh32 · ghsa_unreviewed · 2022-10-11
CVE-2022-36361 [CRITICAL] CWE-120
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). Affected devices do not properly validate the structure of TCP packets in several methods. This could allow an attacker to cause buffer overflows, get control over the instruction counter and run custom code.
CISA ICS
[CRITICAL] Siemens LOGO! 8 BM Devices
cisa_ics · 2022-10-13 · CVSS 9.8
ICS Advisory
## Siemens LOGO! 8 BM Devices
Last Revised: October 13, 2022
Alert Code: ICSA-22-286-13
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: LOGO! 8 BM Devices
- Vulnerabilities: Buffer Copy without Checking Size of Input; Improper Input Validation; Improper Validation of Specified Index, Position, or Offset in Input.
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute code remotely, put the device into a denial-of-service state, or retrieve parts of the m
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2022-10-11