CVE-2022-42784
published 2023-12-12CVE-2022-42784: A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions >= V8.3), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions >= V8.3)…
PriorityP429medium6.8CVSS 3.1
AVPACLPRNUINSUCHIHAH
EPSS
0.25%
15.9th percentile
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions >= V8.3), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions >= V8.3), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions >= V8.3), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions >= V8.3), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions >= V8.3), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions >= V8.3), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions >= V8.3), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions >= V8.3), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions >= V8.3). Affected devices are vulnerable to an electromagnetic fault injection. This could allow an attacker to dump and debug the firmware, including the manipulation of memory. Further actions could allow to inject public keys of custom created key pairs which are then signed by the product CA. The generation of a custom certificate allows communication with, and impersonation of, any device of the same version.
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | 6ag1052-1cc08-7ba1_firmware | <= 8.3 | — |
| siemens | 6ag1052-1fb08-7ba1_firmware | <= 8.3 | — |
| siemens | 6ag1052-1hb08-7ba1_firmware | <= 8.3 | — |
| siemens | 6ag1052-1md08-7ba1_firmware | <= 8.3 | — |
| siemens | 6ag1052-2cc08-7ba1_firmware | <= 8.3 | — |
| siemens | 6ag1052-2fb08-7ba1_firmware | <= 8.3 | — |
| siemens | 6ag1052-2hb08-7ba1_firmware | <= 8.3 | — |
| siemens | 6ag1052-2md08-7ba1_firmware | <= 8.3 | — |
| siemens | 6ed1052-1cc08-0ba1_firmware | <= 8.3 | — |
| siemens | 6ed1052-1fb08-0ba1_firmware | <= 8.3 | — |
| siemens | 6ed1052-1hb08-0ba1_firmware | <= 8.3 | — |
| siemens | 6ed1052-1md08-0ba1_firmware | <= 8.3 | — |
| siemens | 6ed1052-2cc08-0ba1_firmware | <= 8.3 | — |
| siemens | 6ed1052-2fb08-0ba1_firmware | <= 8.3 | — |
| siemens | 6ed1052-2hb08-0ba1_firmware | <= 8.3 | — |
| siemens | 6ed1052-2md08-0ba1_firmware | <= 8.3 | — |
| siemens | logo!_12_24rce | >= V8.3 < * | * |
| siemens | logo!_12_24rceo | >= V8.3 < * | * |
| siemens | logo!_230rce | >= V8.3 < * | * |
| siemens | logo!_230rceo | >= V8.3 < * | * |
| siemens | logo!_24ce | >= V8.3 < * | * |
| siemens | logo!_24ceo | >= V8.3 < * | * |
| siemens | logo!_24rce | >= V8.3 < * | * |
| siemens | logo!_24rceo | >= V8.3 < * | * |
| siemens | siplus_logo!_12_24rce | >= V8.3 < * | * |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens LOGO! and SIPLUS LOGO!
cisa_ics·2023-12-14
Siemens LOGO! and SIPLUS LOGO!
ICS Advisory
##
Siemens LOGO! and SIPLUS LOGO!
Release DateDecember 14, 2023
Alert CodeICSA-23-348-04
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.6
- ATTENTION: Low Attack Complexity
- Vendor: Siemens
- Equipment: LOGO! and SIPLUS LOGO! Products
- Vulnerability: Improper Protection against Electromagnetic Fault Injection (EM-FI)
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could cause an electromagnetic fault injection, w
GHSA
GHSA-g38w-3g42-rgpg: A vulnerability has been identified in LOGO! 12/24RCE (All versions >= V8
ghsa_unreviewed·2023-12-12
CVE-2022-42784 [HIGH] CWE-1319 GHSA-g38w-3g42-rgpg: A vulnerability has been identified in LOGO! 12/24RCE (All versions >= V8
A vulnerability has been identified in LOGO! 12/24RCE (All versions >= V8.3), LOGO! 12/24RCEo (All versions >= V8.3), LOGO! 230RCE (All versions >= V8.3), LOGO! 230RCEo (All versions >= V8.3), LOGO! 24CE (All versions >= V8.3), LOGO! 24CEo (All versions >= V8.3), LOGO! 24RCE (All versions >= V8.3), LOGO! 24RCEo (All versions >= V8.3), SIPLUS LOGO! 12/24RCE (All versions >= V8.3), SIPLUS LOGO! 12/24RCEo (All versions >= V8.3), SIPLUS LOGO! 230RCE (All versions >= V8.3), SIPLUS LOGO! 230RCEo (All versions >= V8.3), SIPLUS LOGO! 24CE (All versions >= V8.3), SIPLUS LOGO! 24CEo (All versions >= V8.3), SIPLUS LOGO! 24RCE (All versions >= V8.3), SIPLUS LOGO! 24RCEo (All versions >= V8.3). Affected devices are vulnerable to an electromagnetic fault injection. This could allow an attacker to dump a
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-12-12
Published