VYPR
Unrated severityNVD Advisory· Published Dec 12, 2023· Updated Oct 8, 2024

CVE-2022-42784

CVE-2022-42784

Description

A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions >= V8.3), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions >= V8.3), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions >= V8.3), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions >= V8.3), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions >= V8.3), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions >= V8.3), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions >= V8.3), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions >= V8.3), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions >= V8.3). Affected devices are vulnerable to an electromagnetic fault injection. This could allow an attacker to dump and debug the firmware, including the manipulation of memory. Further actions could allow to inject public keys of custom created key pairs which are then signed by the product CA. The generation of a custom certificate allows communication with, and impersonation of, any device of the same version.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

18
  • >= V8.3+ 12 more
    • (no CPE)range: >= V8.3
    • (no CPE)range: >= V8.3
    • (no CPE)range: V8.3
    • (no CPE)range: V8.3
    • (no CPE)range: V8.3
    • (no CPE)range: V8.3
    • (no CPE)range: V8.3
    • (no CPE)range: V8.3
    • (no CPE)range: V8.3
    • (no CPE)range: V8.3
    • (no CPE)range: V8.3
    • (no CPE)range: V8.3
    • (no CPE)range: V8.3
  • Siemens/LOGO! 230RCEv5
    Range: V8.3
  • Siemens/LOGO! 230RCEov5
    Range: V8.3
  • Siemens/LOGO! 24CEv5
    Range: V8.3
  • Siemens/LOGO! 24CEov5
    Range: V8.3
  • Siemens/SIPLUS LOGO! 230RCEov5
    Range: V8.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.