CVE-2022-42784

Published Dec 12, 2023

Last updated 2 months ago

CVSS medium 6.8

Overview

Description: A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions >= V8.3), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions >= V8.3), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions >= V8.3), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions >= V8.3), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions >= V8.3), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions >= V8.3), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions >= V8.3), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions >= V8.3), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions >= V8.3). Affected devices are vulnerable to an electromagnetic fault injection. This could allow an attacker to dump and debug the firmware, including the manipulation of memory. Further actions could allow to inject public keys of custom created key pairs which are then signed by the product CA. The generation of a custom certificate allows communication with, and impersonation of, any device of the same version.
Source: productcert@siemens.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.8
Impact score: 5.9
Exploitability score: 0.9
Vector string: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-Other
productcert@siemens.com: CWE-1319

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ed1052-1md08-0ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BF63E523-B73C-40B6-82CD-61F5E9E036BD"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ed1052-1md08-0ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49CFFE4D-F33B-4CC7-B7C1-09D4459C148D",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ed1052-2md08-0ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "640E9DE7-3BC8-4779-A0FC-D5DE721EC274"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ed1052-2md08-0ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "392BF61C-6BDE-4443-96B3-BE43EF075805",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ed1052-1cc08-0ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "13389F1B-C692-4699-AE9C-36BF985ADEEE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ed1052-1cc08-0ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21A02115-6B04-4D59-B2FF-2980A32795E3",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ed1052-2cc08-0ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DF138437-1439-442F-BFF3-713C21A74ED9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ed1052-2cc08-0ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B6824CB-8F80-4BF0-A859-C206F4E426A7",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ed1052-1hb08-0ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55BBCF0F-F7EA-4707-A06A-91C16BD6A41C",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ed1052-1hb08-0ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DEC8F8E5-40FD-49B9-A0CD-6610F67B4819"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ed1052-2hb08-0ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1DEC2DB-E951-4E2D-B44C-CBF684F18EE2",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ed1052-2hb08-0ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E2EC02D7-AE98-4869-B581-678844921EFA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ed1052-1fb08-0ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9FD5F0A-47A1-45CD-909E-F41CDA4F4B88",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ed1052-1fb08-0ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3209F5DB-56FE-48B6-8901-82562B4B4A97"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ed1052-2fb08-0ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95B302F4-A5D7-4EF1-8AF8-8B687732303F",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ed1052-2fb08-0ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D990B231-F468-4329-B4E8-560140EA94F8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ag1052-1md08-7ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8482096D-CD87-4538-8DA5-91B0655AB365",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ag1052-1md08-7ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "16B1E9E4-CE26-43BE-844F-E9FB45CF6226"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ag1052-2md08-7ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66AA570A-4991-4A58-8C3B-B34E1D3DCCCE",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ag1052-2md08-7ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "030718B7-DA0E-40D4-81DE-6089D24EC517"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ag1052-1cc08-7ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA994549-5EC0-4869-ABA0-6286813BE8EC",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ag1052-1cc08-7ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D7C3D817-4A6F-473D-8BF6-33F6367FFD11"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ag1052-2cc08-7ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "625CC724-188A-412B-A2E2-243470B35C54",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ag1052-2cc08-7ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "29930065-2A85-4390-A4A3-462CCCDD7CF3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ag1052-1hb08-7ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32A2500B-5501-46A1-9FEC-63E6F3266F37",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ag1052-1hb08-7ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F524805D-724D-410D-88D1-E5960857D2C0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ag1052-2hb08-7ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1499E52D-8CAA-41DC-BE0E-09FAEF7D5E2D",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ag1052-2hb08-7ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED26BB98-2858-4B93-A919-861B325A1743"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ag1052-1fb08-7ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41DC2572-8CB0-4B0E-B6CC-AE964AE6A4A5",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ag1052-1fb08-7ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4F37713D-A17C-43EF-AB20-75C93AFC54DB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6ag1052-2fb08-7ba1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8829195-4956-410F-BFF6-C8AD4F1E3151",
            "versionEndIncluding": "8.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6ag1052-2fb08-7ba1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4EA89AEC-BF2B-4500-9B3C-8460276AE2C2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References