CVE-2021-27391

Published: 14/09/2021 Updated: 28/09/2021
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). The web server of affected devices lacks proper bounds checking when parsing the Host parameter in HTTP requests, which could lead to a buffer overflow. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the device with root privileges.

Vulnerable Product

siemens apogee_mbc_\(ppc\)_\(p2_ethernet\)_firmware

siemens apogee_mec_\(ppc\)_\(p2_ethernet\)_firmware

siemens apogee_pxc_bacnet_automation_controller_firmware

siemens apogee_pxc_compact_\(p2_ethernet\)_firmware

siemens apogee_pxc_modular_\(bacnet\)_firmware

siemens apogee_pxc_modular_\(p2_ethernet\)_firmware

siemens talon_tc_compact_\(bacnet\)_firmware

siemens talon_tc_modular_\(bacnet\)_firmware