Siemens LOGO! 8 BM RCE and DoS Vulnerabilities (CVE-2025-40815/40816/40817)

Critical Vulnerability Information Vulnerability Overview: Multiple vulnerabilities exist in LOGO! 8 BM devices: - Affected models: LOGO! V8.4 BM, SIPLUS LOGO! V8.4 BM - The vulnerabilities allow attackers to execute code remotely, leading to denial-of-service conditions or altered device behavior. Vulnerability IDs and Descriptions: CVE-2025-40815: The device does not properly validate TCP packet structures in multiple methods, potentially leading to buffer overflow, control of the instruction counter, and execution of custom code. CVE-2025-40816: During interaction with the device, certain validations are not performed, allowing unauthenticated remote attackers to manipulate the device’s IP address, rendering the device inaccessible. CVE-2025-40817: During interaction with the device, certain validations are not performed, allowing unauthenticated remote attackers to alter the device’s time, causing abnormal device behavior. CVSS Scores: For CVE-2025-40815: - CVSS v3.1 Base Score: 7.2 - CVSS v4.0 Base Score: 8.6 For CVE-2025-40816: - CVSS v3.1 Base Score: 7.6 - CVSS v4.0 Base Score: 7.2 For CVE-2025-40817: - CVSS v3.1 Base Score: 6.5 - CVSS v4.0 Base Score: 7.1 Mitigation Measures: Protect LSC access to devices using strong passwords. Restrict network access to port 10006/udp to trusted IP addresses. Additional Information: Siemens has identified specific mitigations and mitigation strategies to reduce risk. Siemens recommends customers follow general security guidelines and product-specific recommendations to enhance industrial security. Acknowledgments: Security Research Team - Thales Cybersecurity Services Australia reported these vulnerabilities.

Goal Reached Thanks to every supporter — we hit 100%!

Siemens LOGO! 8 BM RCE and DoS Vulnerabilities (CVE-2025-40815/40816/40817)