cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-54090,https://securityvulnerability.io/vulnerability/CVE-2024-54090,Out-of-Bounds Read in APOGEE PXC and TALON TC Series by Siemens,"A vulnerability has been discovered in various Siemens devices including the APOGEE PXC and TALON TC Series. The issue lies in an out-of-bounds read within the memory dump function. Attackers with sufficient privileges can exploit this flaw, leading to the device entering an insecure cold start state. This can potentially compromise the integrity of the system and expose critical functionalities under threat.",Siemens,"Apogee Pxc Series (bacnet),Apogee Pxc Series (p2 Ethernet),Talon Tc Series (bacnet)",6,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-11T10:29:01.530Z,0
CVE-2024-54089,https://securityvulnerability.io/vulnerability/CVE-2024-54089,Weak Encryption Vulnerability in APOGEE PXC and TALON TC Series by Siemens,"A critical vulnerability exists in various models of Siemens APOGEE PXC and TALON TC Series devices due to a weak encryption scheme relying on a hard-coded key. This vulnerability enables attackers to potentially deduce or decrypt sensitive passwords from intercepted cyphertext, thereby compromising the security of affected systems. Organizations using these devices should assess their infrastructure and implement necessary safeguards to mitigate potential threats stemming from this weakness.",Siemens,"Apogee Pxc Series (bacnet),Apogee Pxc Series (p2 Ethernet),Talon Tc Series (bacnet)",8.7,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,false,,2025-02-11T10:29:00.200Z,0
CVE-2019-13939,https://securityvulnerability.io/vulnerability/CVE-2019-13939,DHCP Manipulation Vulnerability in Siemens APOGEE and Desigo Systems,"A vulnerability exists in Siemens' APOGEE and Desigo systems that allows an attacker to exploit inadequate DHCP packet handling. By sending specially crafted DHCP packets to devices with DHCP clients enabled, an unauthorized individual can change the IP addresses of the affected devices to invalid values. This could compromise both the availability and integrity of the impacted systems. Notably, the attack requires adjacent network access but does not necessitate any authentication or user interaction, making it particularly concerning for network security.",Siemens,"Apogee Mec/mbc/pxc (p2),Apogee Pxc Series (bacnet),Apogee Pxc Series (p2),Desigo Pxc00-e.d,Desigo Pxc00-u,Desigo Pxc001-e.d,Desigo Pxc100-e.d,Desigo Pxc12-e.d,Desigo Pxc128-u,Desigo Pxc200-e.d,Desigo Pxc22-e.d,Desigo Pxc22.1-e.d,Desigo Pxc36.1-e.d,Desigo Pxc50-e.d,Desigo Pxc64-u,Desigo Pxm20-e,Nucleus Net,Nucleus Rtos,Nucleus Readystart For Arm, Mips, And Ppc,Nucleus Safetycert,Nucleus Source Code,Simotics Connect 400,Talon Tc Series (bacnet),Vstar",7.1,HIGH,0.002259999979287386,false,,false,false,false,,,false,false,,2020-01-16T15:35:24.000Z,0