CVE-2020-15795

🗓️ 22 Apr 2021 20:42:19Reported by siemensType

APOGEE, TALON, Nucleus NET DNS Parsing Vulnerabilit

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the DNS naming service function of Nucleus NET TCP/IP allows a perpetrator to execute arbitrary code.	21 Apr 202100:00	–	bdu_fstec
CNNVD	多款siemens产品缓冲区错误漏洞	13 Apr 202100:00	–	cnnvd
CNVD	Siemens Nucleus Product Out-of-Bounds Write Vulnerability	13 Apr 202100:00	–	cnvd
CVE	CVE-2020-15795	22 Apr 202120:42	–	cve
EUVD	EUVD-2020-7778	7 Oct 202500:30	–	euvd
F5 Networks	K70746705: Multiple NAME:WRECK vulnerabilities	21 Feb 202319:58	–	f5
ICS	Siemens Nucleus Products DNS Module (Update A)	13 Apr 202100:00	–	ics
NVD	CVE-2020-15795	22 Apr 202121:15	–	nvd
OSV	CVE-2020-15795	22 Apr 202121:15	–	osv
Prion	Race condition	22 Apr 202121:15	–	prion

[
  {
    "vendor": "Siemens",
    "product": "APOGEE PXC Compact (BACnet)",
    "versions": [
      {
        "version": "All versions < V3.5.5",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "APOGEE PXC Compact (P2 Ethernet)",
    "versions": [
      {
        "version": "All versions < V2.8.20",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "APOGEE PXC Modular (BACnet)",
    "versions": [
      {
        "version": "All versions < V3.5.5",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "APOGEE PXC Modular (P2 Ethernet)",
    "versions": [
      {
        "version": "All versions < V2.8.20",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Nucleus NET",
    "versions": [
      {
        "version": "All versions < V5.2",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "Nucleus Source Code",
    "versions": [
      {
        "version": "Versions including affected DNS modules",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TALON TC Compact (BACnet)",
    "versions": [
      {
        "version": "All versions < V3.5.5",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TALON TC Modular (BACnet)",
    "versions": [
      {
        "version": "All versions < V3.5.5",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf

08 Aug 2023 09:20Current

8High risk

Vulners AI Score8

CVSS 3.18.1

EPSS0.00686

CWE-787