Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Apogee_modular_equiment_controller_firmware
(Siemens)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-11-09 | CVE-2021-31882 | A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). The DHCP client application does not validate the length of the Domain Name Server IP option(s) (0x06) when processing DHCP ACK packets. This may lead to Denial-of-Service conditions. (FSMD-2021-0011) | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_compact_firmware, Apogee_pxc_modular_firmware, Capital_vstar, Nucleus_net, Nucleus_readystart_v3, Nucleus_source_code, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 7.5 | ||
| 2021-11-09 | CVE-2021-31883 | A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303). When processing a DHCP ACK message, the DHCP client application does not validate the length of the Vendor option(s), leading to Denial-of-Service conditions. (FSMD-2021-0013) | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_compact_firmware, Apogee_pxc_modular_firmware, Capital_vstar, Nucleus_net, Nucleus_readystart_v3, Nucleus_source_code, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 7.5 | ||
| 2021-11-09 | CVE-2021-31884 | A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Capital VSTAR (All versions with enabled Ethernet... | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_compact_firmware, Apogee_pxc_modular_firmware, Capital_vstar, Desigo_pxc001\-E\.d_firmware, Desigo_pxc00\-E\.d_firmware, Desigo_pxc00\-U_firmware, Desigo_pxc100\-E\.d_firmware, Desigo_pxc128\-U_firmware, Desigo_pxc12\-E\.d_firmware, Desigo_pxc200\-E\.d_firmware, Desigo_pxc22\-E\.d_firmware, Desigo_pxc22\.1\-E\.d_firmware, Desigo_pxc36\.1\-E\.d_firmware, Desigo_pxc50\-E\.d_firmware, Desigo_pxc64\-U_firmware, Desigo_pxm20\-E_firmware, Nucleus_net, Nucleus_readystart_v3, Nucleus_source_code, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 9.8 | ||
| 2021-11-09 | CVE-2021-31885 | A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and <... | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_compact_firmware, Apogee_pxc_modular_firmware, Capital_vstar, Nucleus_net, Nucleus_readystart_v3, Nucleus_readystart_v4, Nucleus_source_code, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 7.5 | ||
| 2021-11-09 | CVE-2021-31886 | A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and <... | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_compact_firmware, Apogee_pxc_modular_firmware, Desigo_pxc001\-E\.d_firmware, Desigo_pxc00\-E\.d_firmware, Desigo_pxc00\-U_firmware, Desigo_pxc100\-E\.d_firmware, Desigo_pxc128\-U_firmware, Desigo_pxc12\-E\.d_firmware, Desigo_pxc200\-E\.d_firmware, Desigo_pxc22\-E\.d_firmware, Desigo_pxc22\.1\-E\.d_firmware, Desigo_pxc36\.1\-E\.d_firmware, Desigo_pxc50\-E\.d_firmware, Desigo_pxc64\-U_firmware, Desigo_pxm20\-E_firmware, Nucleus_net, Nucleus_readystart_v3, Nucleus_source_code, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 9.8 | ||
| 2021-11-09 | CVE-2021-31887 | A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and <... | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_compact_firmware, Apogee_pxc_modular_firmware, Desigo_pxc001\-E\.d_firmware, Desigo_pxc00\-E\.d_firmware, Desigo_pxc00\-U_firmware, Desigo_pxc100\-E\.d_firmware, Desigo_pxc128\-U_firmware, Desigo_pxc12\-E\.d_firmware, Desigo_pxc200\-E\.d_firmware, Desigo_pxc22\-E\.d_firmware, Desigo_pxc22\.1\-E\.d_firmware, Desigo_pxc36\.1\-E\.d_firmware, Desigo_pxc50\-E\.d_firmware, Desigo_pxc64\-U_firmware, Desigo_pxm20\-E_firmware, Nucleus_net, Nucleus_readystart_v3, Nucleus_source_code, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 8.8 | ||
| 2021-11-09 | CVE-2021-31888 | A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and <... | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_compact_firmware, Apogee_pxc_modular_firmware, Desigo_pxc001\-E\.d_firmware, Desigo_pxc00\-E\.d_firmware, Desigo_pxc00\-U_firmware, Desigo_pxc100\-E\.d_firmware, Desigo_pxc128\-U_firmware, Desigo_pxc12\-E\.d_firmware, Desigo_pxc200\-E\.d_firmware, Desigo_pxc22\-E\.d_firmware, Desigo_pxc22\.1\-E\.d_firmware, Desigo_pxc36\.1\-E\.d_firmware, Desigo_pxc50\-E\.d_firmware, Desigo_pxc64\-U_firmware, Desigo_pxm20\-E_firmware, Nucleus_net, Nucleus_readystart_v3, Nucleus_source_code, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 8.8 | ||
| 2021-11-09 | CVE-2021-31889 | A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). Malformed TCP packets with a corrupted SACK option leads to Information Leaks and Denial-of-Service conditions. (FSMD-2021-0015) | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_compact_firmware, Apogee_pxc_modular_firmware, Capital_vstar, Nucleus_net, Nucleus_readystart_v3, Nucleus_source_code, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 9.1 | ||
| 2021-11-09 | CVE-2021-31890 | A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), PLUSCONTROL 1st Gen (All versions), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions < V1.0.0.0). The total length of an TCP payload (set in the IP header) is unchecked. This may lead to various side effects, including Information Leak and Denial-of-Service conditions, depending on the network buffer... | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_compact_firmware, Apogee_pxc_modular_firmware, Capital_vstar, Nucleus_net, Nucleus_readystart_v3, Nucleus_readystart_v4, Nucleus_source_code, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 9.1 | ||
| 2022-10-11 | CVE-2022-38371 | A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U... | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_compact_firmware, Apogee_pxc_modular_firmware, Desigo_pxc001\-E\.d_firmware, Desigo_pxc00\-E\.d_firmware, Desigo_pxc00\-U_firmware, Desigo_pxc100\-E\.d_firmware, Desigo_pxc128\-U_firmware, Desigo_pxc12\-E\.d_firmware, Desigo_pxc200\-E\.d_firmware, Desigo_pxc22\-E\.d_firmware, Desigo_pxc22\.1\-E\.d_firmware, Desigo_pxc36\.1\-E\.d_firmware, Desigo_pxc50\-E\.d_firmware, Desigo_pxc64\-U_firmware, Desigo_pxm20\-E_firmware, Nucleus_net, Nucleus_readystart_v3, Nucleus_source_code, Talon_tc_compact_firmware | 7.5 |