ICSA-21-315-07  ·  Published 2025-05-06

Siemens Nucleus RTOS-based APOGEE and TALON Products (Update C)

CVSS 9.8 CRITICAL

Remediations

  • Currently no fix is planned
  • Update to V3.5.4 or later version
  • Update to V2.8.19 or later version
  • Update to V6.30.016 or later version
  • CVE-2021-31881, CVE-2021-31882, CVE-2021-31883, CVE-2021-31884: Disable the DHCP client and use static IP address configuration instead (Note that the DHCP client is disabled by default on APOGEE/TALON and Desigo products.)
  • CVE-2021-31885, CVE-2021-31886, CVE-2021-31887, CVE-2021-31888: Disable the FTP service (Note that the FTP service is disabled by default on Desigo products.)

Affected Vendors

Siemens

Affected Products (23)

Siemens · APOGEE MBC (PPC) (BACnet): all versions
Siemens · APOGEE MBC (PPC) (P2 Ethernet): all versions
Siemens · APOGEE MEC (PPC) (BACnet): all versions
Siemens · APOGEE MEC (PPC) (P2 Ethernet): all versions
Siemens · APOGEE PXC Compact (BACnet): < V3.5.4
Siemens · APOGEE PXC Compact (P2 Ethernet): < V2.8.19
Siemens · APOGEE PXC Modular (BACnet): < V3.5.4
Siemens · APOGEE PXC Modular (P2 Ethernet): < V2.8.19
Siemens · Desigo PXC00-E.D: >= V2.3 and < V6.30.016
Siemens · Desigo PXC00-U: >= V2.3 and < V6.30.016
Siemens · Desigo PXC001-E.D: >= V2.3 and < V6.30.016
Siemens · Desigo PXC12-E.D: >= V2.3 and < V6.30.016
Siemens · Desigo PXC22-E.D: >= V2.3 and < V6.30.016
Siemens · Desigo PXC22.1-E.D: >= V2.3 and < V6.30.016
Siemens · Desigo PXC36.1-E.D: >= V2.3 and < V6.30.016
Siemens · Desigo PXC50-E.D: >= V2.3 and < V6.30.016
Siemens · Desigo PXC64-U: >= V2.3 and < V6.30.016
Siemens · Desigo PXC100-E.D: >= V2.3 and < V6.30.016
Siemens · Desigo PXC128-U: >= V2.3 and < V6.30.016
Siemens · Desigo PXC200-E.D: >= V2.3 and < V6.30.016
Siemens · Desigo PXM20-E: >= V2.3 and < V6.30.016
Siemens · TALON TC Compact (BACnet): < V3.5.4
Siemens · TALON TC Modular (BACnet): < V3.5.4

Affected Sectors

Multiple
