VDB
CVE-2024-54090
CVE-2024-54090
PUBLISHED
CVSS 5.900000095367432 MEDIUM
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC Series (P2 Ethernet) (All versions), TALON TC Series (BACnet) (All versions). Affected devices contain an out-of-bounds read in the memory dump function. This could allow an attacker with Medium (MED) or higher privileges to cause the device to enter an insecure cold start state.
EPSS 0.07% · 22.6th percentile
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.07%
22.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | APOGEE PXC Series (P2 Ethernet) | 0 |
| Siemens | TALON TC Series (BACnet) | 0 |
| Siemens | APOGEE PXC Series (BACnet) | 0 |
Exploit Intelligence
- CIRCL seen: CVE-2024-54090 (circl-sighting)
- CIRCL seen: CVE-2024-54090 (circl-sighting)
- CIRCL seen: CVE-2024-54090 (circl-sighting)
- CIRCL seen: CVE-2024-54090 (circl-sighting)
- https://cert-portal.siemens.com/productcert/html/ssa-615116.html (circl)
- vulns.js (github-poc)
- vulns.js (github-poc)
- vulns.js (github-poc)
- vulns.js (github-poc)
- vulns.js (github-poc)
…and 1 more exploits
Timeline
- Feb 11, 2025 CVE Published
- Feb 11, 2025 PoC Published
- Feb 11, 2025 PoC Published
- Feb 11, 2025 PoC Published
- Feb 12, 2025 EPSS Score
- Feb 12, 2025 CVE Updated
- Feb 13, 2025 PoC Published
- Feb 24, 2025 Coalition ESS Score
- Feb 27, 2025 EPSS Score
- Mar 13, 2025 EPSS Score
- Mar 28, 2025 EPSS Score
- Apr 11, 2025 EPSS Score