← Back to home
ICSA-20-105-06  ·  Published 2025-06-10  ·  View on CISA ICS-CERT ↗

Siemens SIMOTICS, Desigo, APOGEE, and TALON

CVSS 7.1 HIGH

CVEs (1)

Remediations

  • Disable the DHCP client and use static IP address configuration instead (Note that the DHCP client is disabled by default on APOGEE, Desigo, and TALON products.)
  • APOGEE MEC, MBC, PXC (versions prior to V2.8.2): Use static IP address configuration as described above
  • APOGEE PXC Series and TALON TC Series products: If using static IP address is not possible, update to the fix version listed above or contact your local Siemens office for support
  • Currently no fix is planned
  • Update to V2.8.19 or later version
  • Update to V3.5.3 or later version
  • Update to V6.0.327 or later version
  • Update to V6.00.327 or later version
  • Update to V0.3.0.330 or later version

Affected Vendors

Siemens

Affected Products (21)

Siemens · APOGEE MEC/MBC/PXC (P2) vers:all/<V2.8.2
Siemens · APOGEE PXC Compact (BACnet) vers:all/<V3.5.3
Siemens · APOGEE PXC Compact (P2 Ethernet) vers:all/>=V2.8.2|<V2.8.19
Siemens · APOGEE PXC Modular (BACnet) vers:all/<V3.5.3
Siemens · APOGEE PXC Modular (P2 Ethernet) vers:all/>=V2.8.2|<V2.8.19
Siemens · Desigo PXC00-E.D vers:all/>=V2.3|<V6.0.327
Siemens · Desigo PXC00-U >=V2.3x_and_<V6.00.327
Siemens · Desigo PXC001-E.D vers:all/>=V2.3|<V6.0.327
Siemens · Desigo PXC12-E.D vers:all/>=V2.3|<V6.0.327
Siemens · Desigo PXC22-E.D vers:all/>=V2.3|<V6.0.327
Siemens · Desigo PXC22.1-E.D vers:all/>=V2.3|<V6.0.327
Siemens · Desigo PXC36.1-E.D vers:all/>=V2.3|<V6.0.327
Siemens · Desigo PXC50-E.D vers:all/>=V2.3|<V6.0.327
Siemens · Desigo PXC64-U >=V2.3x_and_<V6.00.327
Siemens · Desigo PXC100-E.D vers:all/>=V2.3|<V6.0.327
Siemens · Desigo PXC128-U >=V2.3x_and_<V6.00.327
Siemens · Desigo PXC200-E.D vers:all/>=V2.3|<V6.0.327
Siemens · Desigo PXM20-E vers:all/>=V2.3|<V6.0.327
Siemens · SIMOTICS CONNECT 400 vers:all/<V0.3.0.330
Siemens · TALON TC Compact (BACnet) vers:all/<V3.5.3
Siemens · TALON TC Modular (BACnet) vers:all/<V3.5.3

Affected Sectors

Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more