CVE-2025-0657

CVE-2025-0657 describes a vulnerability affecting Automated Logic WebCTRL and Carrier i-Vu Gen5 controllers. The issue arises in BACnet MS/TP communication, where malformed packets can be sent to the device, leading to a fault state that requires a manual power cycle to restore network visibility...

EUVD-2025-14682

Malicious code in bioql PyPI...

PT-2025-20851 · Unknown · Ms/Tp Point Pickup Module

Name of the Vulnerable Software and Affected Versions: MS/TP Point Pickup Module All versions Description: A vulnerability has been identified where affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send ...

PT-2025-20863 · Unknown · Apogee Pxc+Talon Tc Series

Name of the Vulnerable Software and Affected Versions: APOGEE PXC+TALON TC Series BACnet All versions Description: A vulnerability has been identified that could allow an attacker residing in the same BACnet network to send a specially crafted message, resulting in a partial denial of service...

Climatix POL909 跨站脚本漏洞

Siemens Climatix AWB Advanced Web and BACnet Module, POL909 enables users of the Climatix 600 solution to connect to a BACnet IP network and implement and load customer web pages and features. Siemens Climatix AWM Advanced Web Module, POL909 enables users of the Climatix 600 solution to implement...