Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Apogee_pxc_firmware
(Siemens)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-01-16 | CVE-2019-13939 | A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8.2 < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8.2 < V2.8.19), Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Desigo PXC00-E.D (All versions >= V2.3 < V6.0.327),... | Apogee_modular_building_controller_firmware, Apogee_modular_equiment_controller_firmware, Apogee_pxc_firmware, Capital_vstar, Desigo_pxc001\-E\.d_firmware, Desigo_pxc00\-E\.d_firmware, Desigo_pxc00\-U_firmware, Desigo_pxc12\-E\.d_firmware, Desigo_pxc22\-E\.d_firmware, Desigo_pxc22\.1\-E\.d_firmware, Desigo_pxc36\.1\-E\.d_firmware, Desigo_pxc_firmware, Desigo_pxm20_firmware, Desigopxc100\-E\.d_firmware, Desigopxc128\-U_firmware, Desigopxc200\-E\.d_firmware, Desigopxc50\-E\.d_firmware, Desigopxc64\-U_firmware, Desigopxm20\-E_firmware, Nucleus_net, Nucleus_readystart, Nucleus_rtos, Nucleus_safetycert, Nucleus_source_code, Simotics_connect_400_firmware, Talon_tc_firmware | N/A | ||
| 2017-10-23 | CVE-2017-9946 | A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from the device. | Apogee_pxc_firmware, Apogee_pxc_modular_firmware, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 7.5 | ||
| 2017-10-23 | CVE-2017-9947 | A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices. | Apogee_pxc_firmware, Apogee_pxc_modular_firmware, Talon_tc_compact_firmware, Talon_tc_modular_firmware | 5.3 |