171 matches found
CVE-2021-27391
A vulnerability has been identified in APOGEE MBC PPC P2 Ethernet All versions = V2.6.3, APOGEE MEC PPC P2 Ethernet All versions = V2.6.3, APOGEE PXC Compact BACnet All versions = V2.8, APOGEE PXC Modular BACnet All versions = V2.8, TALON TC Compact BACnet All versions V3.5.3, TALON TC Modular...
CVE-2021-27391
A vulnerability has been identified in APOGEE MBC PPC P2 Ethernet All versions = V2.6.3, APOGEE MEC PPC P2 Ethernet All versions = V2.6.3, APOGEE PXC Compact BACnet All versions = V2.8, APOGEE PXC Modular BACnet All versions = V2.8, TALON TC Compact BACnet All versions V3.5.3, TALON TC Modular...
Buffer overflow
A vulnerability has been identified in APOGEE MBC PPC P2 Ethernet All versions = V2.6.3, APOGEE MEC PPC P2 Ethernet All versions = V2.6.3, APOGEE PXC Compact BACnet All versions = V2.8, APOGEE PXC Modular BACnet All versions = V2.8, TALON TC Compact BACnet All versions V3.5.3, TALON TC Modular...
CVE-2021-27391
A vulnerability has been identified in APOGEE MBC PPC P2 Ethernet All versions = V2.6.3, APOGEE MEC PPC P2 Ethernet All versions = V2.6.3, APOGEE PXC Compact BACnet All versions = V2.8, APOGEE PXC Modular BACnet All versions = V2.8, TALON TC Compact BACnet All versions V3.5.3, TALON TC Modular...
CVE-2021-27391
A vulnerability has been identified in APOGEE MBC PPC P2 Ethernet All versions = V2.6.3, APOGEE MEC PPC P2 Ethernet All versions = V2.6.3, APOGEE PXC Compact BACnet All versions = V2.8, APOGEE PXC Modular BACnet All versions = V2.8, TALON TC Compact BACnet All versions V3.5.3, TALON TC Modular...
CVE-2021-27391
Summary: CVE-2021-27391 affects Siemens APOGEE and TALON devices. The vulnerability is a buffer overflow in the web server caused by improper bounds checking when parsing the Host header in HTTP requests. The issue affects multiple products/versions: APOGEE MBC (PPC) and APOGEE MEC (PPC) with ver...
Siemens APOGEE and TALON
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: APOGEE and TALON Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the...
Siemens Nucleus Improper Input Validation
A vulnerability has been identified in APOGEE MEC/MBC/PXC P2 All versions = V3.0, APOGEE PXC Series P2 All versions = V2.8.2, Desigo PXC Power PC All versions = V2.3x and = V2.3x and = V3.0, VSTAR All versions. By sending specially crafted DHCP packets to a device where the DHCP client is enabled...
Poker player jailed for illegal video streaming, downloading websites
By Deeba Ahmed Talon White has received 12 months of prison sentence after being involved in the illegal streaming of copyright-protected TV shows and movies. This is a post from HackRead.com Read the original post: Poker player jailed for illegal video streaming, downloading websites...
CVE-2021-25677
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions = V0.5.0.0 V1.0.0.0, TALON TC Compact BACnet All versions V3.5.5, TALON TC Modular BACnet All versions V3.5.5. The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the D...
CVE-2020-15795
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus Source Code Version...
CVE-2020-27009
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus Source Code Version...
Design/Logic Flaw
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions, Nucleus ReadyStart V3 All versio...
Race condition
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus Source Code Version...
CVE-2021-25677
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions = V0.5.0.0 V1.0.0.0, TALON TC Compact BACnet All versions V3.5.5, TALON TC Modular BACnet All versions V3.5.5. The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the D...
CVE-2021-25677
CVE-2021-25677 concerns DNS transaction ID randomness in Siemens DNS clients across multiple products (APOGEE PXC BACnet/P2 Ethernet, Nucleus NET/ReadyStart, SIMOTICS CONNECT 400, TALON TC). Root cause: DNS client does not properly randomize transaction IDs, enabling potential DNS cache poisoning...
CVE-2020-27738
CVE-2020-27738 concerns the DNS domain name record decompression in Siemens APOGEE PXC/TALON, Nucleus, SIMOTICS CONNECT 400 and related DNS modules. The issue is improper validation of pointer offsets during DNS response parsing, which can cause a read past the end of an allocated structure and l...
CVE-2020-27009
A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus Source Code Version...
CVE-2020-27736
Summary (supported): CVE-2020-27736 affects Siemens APOGEE PXC (BACnet and P2 Ethernet), Nucleus NET/ReadyStart/Source Code, SIMOTICS CONNECT 400, TALON TC (and related Nucleus/DNS modules). The vulnerability stems from improper validation in the DNS domain name label parsing of DNS responses, wh...
CVE-2020-27737
Siemens APOGEE PXC, Nucleus and TALON/SIMOTICS products are affected by a DNS response parsing vulnerability that can read past allocated memory when processing malformed DNS responses. A privileged attacker on the network could cause a denial of service or memory leakage. Remediation is to updat...