ICS-CERT has released an alert on a Siemens LOGO! Soft Comfort vulnerability. All versions of LOGO! Soft Comfort prior to V8.2 are affected. Successful exploitation of this vulnerability could allow a remote attacker in a privileged network position to manipulate a software package during download. Siemens removed the Update Center from LOGO! Soft Comfort V8.2 and provides SHA-256 checksums for all LOGO! Soft Comfort software packages via a secured HTTPS channel. Siemens recommends verifying legitimacy by comparing the SHA-256 checksum of the downloaded software package with the SHA-256 checksum provided for the software package. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.