CVE-2020-27009

🗓️ 22 Apr 2021 20:42:19Reported by siemensType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 94 Views

CVE-2020-27009 DNS record decompression vulnerability in APOGEE, Nucleus, and TALON products

Reporter	Title	Published	Views	Family All 11
CNNVD	多款Siemens产品缓冲区错误漏洞	13 Apr 202100:00	–	cnnvd
CNVD	Siemens Nucleus Product Out-of-Bounds Write Vulnerability (CNVD-2021-28701)	13 Apr 202100:00	–	cnvd
Cvelist	CVE-2020-27009	22 Apr 202120:42	–	cvelist
EUVD	EUVD-2020-19533	7 Oct 202500:30	–	euvd
F5 Networks	K70746705: Multiple NAME:WRECK vulnerabilities	21 Feb 202319:58	–	f5
ICS	Siemens Nucleus Products DNS Module (Update A)	13 Apr 202100:00	–	ics
NVD	CVE-2020-27009	22 Apr 202121:15	–	nvd
Prion	Race condition	22 Apr 202121:15	–	prion
Positive Technologies	PT-2021-2645 · Unknown · Apogee Pxc Compact +5	14 Apr 202100:00	–	ptsecurity
RedhatCVE	CVE-2020-27009	5 Feb 202515:01	–	redhatcve

NVD

Node

siemens nucleus_netRange<5.2

siemens nucleus_source_codeMatch-

[
  {
    "vendor": "Siemens",
    "product": "APOGEE PXC Compact (BACnet)",
    "versions": [
      {
        "version": "All versions < V3.5.5",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "APOGEE PXC Compact (P2 Ethernet)",
    "versions": [
      {
        "version": "All versions < V2.8.20",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "APOGEE PXC Modular (BACnet)",
    "versions": [
      {
        "version": "All versions < V3.5.5",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "APOGEE PXC Modular (P2 Ethernet)",
    "versions": [
      {
        "version": "All versions < V2.8.20",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Nucleus NET",
    "versions": [
      {
        "version": "All versions < V5.2",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Nucleus Source Code",
    "versions": [
      {
        "version": "Versions including affected DNS modules",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TALON TC Compact (BACnet)",
    "versions": [
      {
        "version": "All versions < V3.5.5",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TALON TC Modular (BACnet)",
    "versions": [
      {
        "version": "All versions < V3.5.5",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf

21 Nov 2024 05:20Current

8.1High risk

Vulners AI Score8.1

CVSS 26.8

CVSS 3.18.1

EPSS0.00686