CNNVD-202511-993 Information
CNNVD ID
CNNVD-202511-993
Related CVE
- CNNVD Published: 2025-11-11
Description (Chinese)
Siemens LOGO!是德国西门子(Siemens)公司的一款可编程逻辑控制器。 Siemens多款产品存在安全漏洞,该漏洞源于未正确验证TCP包结构,可能导致缓冲区溢出和执行任意代码。以下产品受到影响:LOGO!12/24RCE、LOGO!12/24RCEo、LOGO!230RCE、LOGO!230RCEo、LOGO!24CE、LOGO!24CEo、LOGO!24RCE、SIPLUS LOGO!12/24RCE、SIPLUS LOGO!12/24RCEo、SIPLUS LOGO!230RCE、SIPLUS LOGO!230RCEo、SIPLUS LOGO!24CE、SIPLUS LOGO! 24CEo、SIPLUS LOGO!24RCE和SIPLUS LOGO!24RCEo。
Description (English)
Siemens Logo! A programmable logical controller for Siemens, Germany. There is a safety gap in the Siemens multi-products, which stems from the incorrect validation of the TCP package structure, which could lead to the spilling out of the buffer zone and the implementation of any code. The following products have been affected: LOGO 12/24RCE, LOGO 12/24RCEO, LOGO 230RCE, LOGO 230RCEO, LOGO!24CE, LOGO 24CO 24RCE 24
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
西门子
Published
2025-11-11
Last Modified
2026-02-24
References
https://cert-portal.siemens.com/productcert/html/ssa-267056.html https://access.redhat.com/security/cve/cve-2025-40815
Patch
https://www.siemens.com/global/en/products/services/cert.html?s=SSA-267056#SiemensSecurityAdvisories
Share on: