SIEMENS-SSA-944498
·
Published 2021-09-14
·
View on Siemens ProductCERT ↗
SSA-944498 V1.0: Buffer Overflow Vulnerability in Web Server of APOGEE and TALON Automation Devices
CVSS N/A
MEDIUM
Risk Summary
<p>A buffer overflow vulnerability in the integrated web server of multiple APOGEE and TALON automation devices could allow a remote attacker to execute arbitrary code on the devices with root privileges.</p> <p>Affected devices include the APOGEE MBC/MEC/PXC P2 Ethernet devices with Power Open Processors (PPC), APOGEE PXC BACnet devices, and TALON TC BACnet devices.</p> <p>Siemens has released updates for several affected products and recommends to update to the latest versions. Siemens recommends countermeasures for products where updates are not, or not yet available.</p>
Remediations
- Refer to Siemens ProductCERT advisory for patch and remediation guidance.
Affected Vendors
Siemens
Affected Products (1)
Siemens
·
SSA-944498 V1.0: Buffer Overflow Vulnerability in Web Server of APOGEE and TALON Automation Devices
See advisory
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more