CVE-2025-40757 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-40757 PUBLISHED CVSS 5.300000190734863 MEDIUM

A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC Series (P2 Ethernet) (All versions), TALON TC Series (BACnet) (All versions). Affected devices connected to the network allow unrestricted access to sensitive files, such as databases. This could allow an attacker to download encrypted .db file containing passwords.

EPSS 0.04% · 11.0th percentile

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Score

0.04%

11.0th percentile

Affected Products

Vendor	Product	Versions
Siemens	APOGEE PXC Series (P2 Ethernet)	0
Siemens	APOGEE PXC Series (BACnet)	0
Siemens	TALON TC Series (BACnet)	0

Timeline

Sep 9, 2025 EPSS Score
Sep 9, 2025 Coalition ESS Score
Sep 9, 2025 CVE Published
Sep 9, 2025 CVE Updated
Sep 11, 2025 PoC Published
Sep 16, 2025 EPSS Score
Sep 23, 2025 EPSS Score
Sep 29, 2025 EPSS Score
Oct 3, 2025 Coalition ESS Score
Oct 6, 2025 EPSS Score
Oct 6, 2025 Coalition ESS Score
Oct 10, 2025 Coalition ESS Score

References

Open in Interactive Console →