VDB
CISA-2024-54090
CISA-2024-54090
PUBLISHED
CVSS 5.9 MEDIUM
Reported by siemens · Published February 11, 2025
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC Series (P2 Ethernet) (All versions), TALON TC Series (BACnet) (All versions). Affected devices contain an out-of-bounds read in the memory dump function. This could allow an attacker with Medium (MED) or higher privileges to cause the device to enter an insecure cold start state.
Risk Scores
CVSS 3.1
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | APOGEE PXC Series (BACnet) | 0 |
| Siemens | APOGEE PXC Series (P2 Ethernet) | 0 |
| Siemens | TALON TC Series (BACnet) | 0 |
| Siemens | TALON TC Series (BACnet) | 0, 0 |
| Siemens | APOGEE PXC Series (BACnet) | 0, 0 |
| Siemens | APOGEE PXC Series (P2 Ethernet) | 0, 0 |
Timeline
- Feb 11, 2025 CVE Published
- Feb 12, 2025 CVE Updated