Siemens has plugged a man-in-the-middle vulnerability in its LOGO!8 BM FS-05 industrial automation hardware – but a second remains unpatched.
The vulnerabilities were turned up by German researcher Maxim Rupp.
According to Siemens' advisory, CVE-2017-12734 can be exploited by an attacker to sniff the session ID from an active user session.
If the devices' admin web server is visible from the internet and a user is logged in, that would allow a remote attacker to hijack the admin session.
The equipment maker notes the admin interface should be restricted to trusted networks.
All versions of Logo!8 BM older than 1.18.2 are vulnerable and need a firmware update.