A vulnerability has been identified in LOGO! Soft Comfort (All versions). The software insecurely loads libraries which makes it vulnerable to DLL hijacking. Successful exploitation by a local attacker could lead to a takeover of the system where the software is installed.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25244
Reference (s):
- https://cert-portal.siemens.com/productcert/pdf/ssa-983300.pdf
- URL: https://cert-portal.siemens.com/productcert/pdf/ssa-983300.pdf