ICSA-22-286-12
·
Published 2025-05-13
·
View on CISA ICS-CERT ↗
Siemens APOGEE, TALON and Desigo PXC/PXM Products
CVSS 7.5
HIGH
CVEs (1)
Remediations
- Disable the FTP service (Note that the FTP service is disabled by default on APOGEE, Desigo, and TALON products.)
- Currently no fix is planned
- Update to V3.5.7 or later version
- Update to V2.8.21 or later version
- Update to V6.30.37 or later version
Affected Vendors
Siemens
Affected Products (23)
Siemens
·
APOGEE MBC (PPC) (BACnet)
vers:all/*
Siemens
·
APOGEE MBC (PPC) (P2 Ethernet)
vers:all/*
Siemens
·
APOGEE MEC (PPC) (BACnet)
vers:all/*
Siemens
·
APOGEE MEC (PPC) (P2 Ethernet)
vers:all/*
Siemens
·
APOGEE PXC Compact (BACnet)
vers:all/<V3.5.7
Siemens
·
APOGEE PXC Compact (P2 Ethernet)
vers:all/<V2.8.21
Siemens
·
APOGEE PXC Modular (BACnet)
vers:all/<V3.5.7
Siemens
·
APOGEE PXC Modular (P2 Ethernet)
vers:all/<V2.8.21
Siemens
·
Desigo PXC00-E.D
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC00-U
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC001-E.D
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC12-E.D
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC22-E.D
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC22.1-E.D
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC36.1-E.D
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC50-E.D
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC64-U
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC100-E.D
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC128-U
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXC200-E.D
vers:all/>=V2.3|<V6.30.37
Siemens
·
Desigo PXM20-E
vers:all/>=V2.3|<V6.30.37
Siemens
·
TALON TC Compact (BACnet)
vers:all/<V3.5.7
Siemens
·
TALON TC Modular (BACnet)
vers:all/<V3.5.7
Affected Sectors
Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more