← Back to home
ICSA-21-257-07  ·  Published 2025-05-06  ·  View on CISA ICS-CERT ↗

Siemens APOGEE and TALON

CVSS 9.8 CRITICAL

CVEs (1)

Remediations

  • Currently no remediation is available
  • Update to V3.5.3 or later version
  • Please contact your local Siemens office for support
  • Restrict access to the device, especially to the web interface (80/tcp and 443/tcp), to trusted IP addresses only
  • Disable the integrated web server

Affected Vendors

Siemens

Affected Products (8)

Siemens · APOGEE MBC (PPC) (P2 Ethernet) >=V2.6.3
Siemens · APOGEE MEC (PPC) (P2 Ethernet) >=V2.6.3
Siemens · APOGEE PXC Compact (BACnet) <V3.5.3
Siemens · APOGEE PXC Compact (P2 Ethernet) >=V2.8
Siemens · APOGEE PXC Modular (BACnet) <V3.5.3
Siemens · APOGEE PXC Modular (P2 Ethernet) >=V2.8
Siemens · TALON TC Compact (BACnet) <V3.5.3
Siemens · TALON TC Modular (BACnet) <V3.5.3

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more