Siemens LOGO! Series Devices Time Manipulation Vulnerability
Vulnerability
A vulnerability exists in multiple Siemens LOGO! series devices, including the LOGO! 12/24RCE, LOGO! 230RCE, LOGO! 24CE, and their SIPLUS variants. All versions of these products are affected. The vulnerability arises because the devices fail to perform proper validations during interactions, allowing an unauthenticated remote attacker to alter the device's time. This manipulation could lead to unintended changes in the device's behavior.
Impact
Exploitation of this vulnerability allows for unauthorized time changes on the affected devices, potentially causing them to operate incorrectly.
Remediation
Users are advised to restrict network access to port 10006/udp to trusted IP addresses. For product-specific remediations or mitigations, refer to the Siemens Security Advisory SSA-267056.
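An added example, not from Siemens or this page: one way to check that the restriction on 10006/udp is actually in effect is to audit flow records for traffic to that port from sources outside the trusted list. The record format, addresses, and allowlist below are constructed assumptions.

```python
import ipaddress

LOGO_PORT = 10006  # UDP port named in the remediation above

# Assumed allowlist for illustration; replace with your own engineering hosts.
TRUSTED_SOURCES = [ipaddress.ip_network(n) for n in ("10.20.0.0/28", "10.20.5.10/32")]

# Constructed sample records: "timestamp proto src_ip src_port dst_ip dst_port"
SAMPLE_FLOWS = """\
2024-05-01T08:00:01Z udp 10.20.0.5 51000 10.30.1.20 10006
2024-05-01T08:00:07Z udp 192.168.77.14 40312 10.30.1.20 10006
2024-05-01T08:01:10Z tcp 192.168.77.14 40400 10.30.1.20 10006
2024-05-01T08:02:30Z udp 10.20.5.10 52011 10.30.1.21 10006
2024-05-01T08:03:00Z udp 172.16.9.9 53000 10.30.1.21 123
malformed line
2024-05-01T08:04:44Z UDP 10.20.0.77 49999 10.30.1.21 10006
"""


def is_trusted(addr):
    """Return True if addr falls inside any trusted network."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on a bad address
    return any(ip in net for net in TRUSTED_SOURCES)


def untrusted_logo_flows(text, port=LOGO_PORT):
    """Return (timestamp, src, dst) for UDP flows to `port` from untrusted sources."""
    findings = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip malformed records instead of aborting the audit
        ts, proto, src, _sport, dst, dport = fields
        try:
            if proto.lower() != "udp" or int(dport) != port:
                continue
            if not is_trusted(src):
                findings.append((ts, src, dst))
        except ValueError:
            continue  # unparsable port or address
    return findings


if __name__ == "__main__":
    for ts, src, dst in untrusted_logo_flows(SAMPLE_FLOWS):
        print(f"{ts} untrusted source {src} reached {dst} on udp/{LOGO_PORT}")
```

Any finding means the filter in front of the device is missing or too broad for that path.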
