cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-38371,https://securityvulnerability.io/vulnerability/CVE-2022-38371,Denial of Service Vulnerability in Siemens APOGEE and Desigo Products,"A vulnerability has been discovered in various Siemens products, specifically affecting the FTP server's ability to manage memory resources. This flaw can be exploited by remote attackers to create a denial of service condition by leaving incomplete connection attempts, which prevents the server from successfully releasing memory. As a result, devices running these vulnerable versions may become unresponsive. Users are encouraged to review the affected product versions and apply appropriate mitigations.",Siemens,"Apogee Mbc (ppc) (bacnet),Apogee Mbc (ppc) (p2 Ethernet),Apogee Mec (ppc) (bacnet),Apogee Mec (ppc) (p2 Ethernet),Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Desigo Pxc00-e.d,Desigo Pxc00-u,Desigo Pxc001-e.d,Desigo Pxc100-e.d,Desigo Pxc12-e.d,Desigo Pxc128-u,Desigo Pxc200-e.d,Desigo Pxc22-e.d,Desigo Pxc22.1-e.d,Desigo Pxc36.1-e.d,Desigo Pxc50-e.d,Desigo Pxc64-u,Desigo Pxm20-e,Nucleus Net For Nucleus Plus V1,Nucleus Net For Nucleus Plus V2,Nucleus Readystart V3 V2012,Nucleus Readystart V3 V2017,Nucleus Source Code,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",7.5,HIGH,0.0035600000992417336,false,,false,false,false,,false,false,2022-10-11T00:00:00.000Z,0
CVE-2021-31888,https://securityvulnerability.io/vulnerability/CVE-2021-31888,,"A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “MKD/XMKD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0018)",Siemens,"Apogee Mbc (ppc) (bacnet),Apogee Mbc (ppc) (p2 Ethernet),Apogee Mec (ppc) (bacnet),Apogee Mec (ppc) (p2 Ethernet),Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Desigo Pxc00-e.d,Desigo Pxc00-u,Desigo Pxc001-e.d,Desigo Pxc100-e.d,Desigo Pxc12-e.d,Desigo Pxc128-u,Desigo Pxc200-e.d,Desigo Pxc22-e.d,Desigo Pxc22.1-e.d,Desigo Pxc36.1-e.d,Desigo Pxc50-e.d,Desigo Pxc64-u,Desigo Pxm20-e,Nucleus Net,Nucleus Readystart V3,Nucleus Source Code,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",8.8,HIGH,0.003000000026077032,false,,false,false,false,,false,false,2021-11-09T11:32:00.000Z,0
CVE-2021-31887,https://securityvulnerability.io/vulnerability/CVE-2021-31887,,"A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “PWD/XPWD” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0016)",Siemens,"Apogee Mbc (ppc) (bacnet),Apogee Mbc (ppc) (p2 Ethernet),Apogee Mec (ppc) (bacnet),Apogee Mec (ppc) (p2 Ethernet),Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Desigo Pxc00-e.d,Desigo Pxc00-u,Desigo Pxc001-e.d,Desigo Pxc100-e.d,Desigo Pxc12-e.d,Desigo Pxc128-u,Desigo Pxc200-e.d,Desigo Pxc22-e.d,Desigo Pxc22.1-e.d,Desigo Pxc36.1-e.d,Desigo Pxc50-e.d,Desigo Pxc64-u,Desigo Pxm20-e,Nucleus Net,Nucleus Readystart V3,Nucleus Source Code,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",8.8,HIGH,0.0028800000436604023,false,,false,false,false,,false,false,2021-11-09T11:32:00.000Z,0
CVE-2021-31886,https://securityvulnerability.io/vulnerability/CVE-2021-31886,,"A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). FTP server does not properly validate the length of the “USER” command, leading to stack-based buffer overflows. This may result in Denial-of-Service conditions and Remote Code Execution. (FSMD-2021-0010)",Siemens,"Apogee Mbc (ppc) (bacnet),Apogee Mbc (ppc) (p2 Ethernet),Apogee Mec (ppc) (bacnet),Apogee Mec (ppc) (p2 Ethernet),Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Desigo Pxc00-e.d,Desigo Pxc00-u,Desigo Pxc001-e.d,Desigo Pxc100-e.d,Desigo Pxc12-e.d,Desigo Pxc128-u,Desigo Pxc200-e.d,Desigo Pxc22-e.d,Desigo Pxc22.1-e.d,Desigo Pxc36.1-e.d,Desigo Pxc50-e.d,Desigo Pxc64-u,Desigo Pxm20-e,Nucleus Net,Nucleus Readystart V3,Nucleus Source Code,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",9.8,CRITICAL,0.012179999612271786,false,,false,false,false,,false,false,2021-11-09T11:31:59.000Z,0
CVE-2021-31885,https://securityvulnerability.io/vulnerability/CVE-2021-31885,,"A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.1), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). TFTP server application allows for reading the contents of the TFTP memory buffer via sending malformed TFTP commands. (FSMD-2021-0009)",Siemens,"Apogee Mbc (ppc) (bacnet),Apogee Mbc (ppc) (p2 Ethernet),Apogee Mec (ppc) (bacnet),Apogee Mec (ppc) (p2 Ethernet),Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Desigo Pxc00-e.d,Desigo Pxc00-u,Desigo Pxc001-e.d,Desigo Pxc100-e.d,Desigo Pxc12-e.d,Desigo Pxc128-u,Desigo Pxc200-e.d,Desigo Pxc22-e.d,Desigo Pxc22.1-e.d,Desigo Pxc36.1-e.d,Desigo Pxc50-e.d,Desigo Pxc64-u,Desigo Pxm20-e,Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code,Pluscontrol 1st Gen,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",7.5,HIGH,0.0011899999808520079,false,,false,false,false,,false,false,2021-11-09T11:31:58.000Z,0
CVE-2021-31884,https://securityvulnerability.io/vulnerability/CVE-2021-31884,,"A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.4), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.19), APOGEE PXC Modular (BACnet) (All versions < V3.5.4), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.19), Capital VSTAR (All versions with enabled Ethernet options), Desigo PXC00-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC00-U (All versions >= V2.3 and < V6.30.016), Desigo PXC001-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC100-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC12-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC128-U (All versions >= V2.3 and < V6.30.016), Desigo PXC200-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC22.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC36.1-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC50-E.D (All versions >= V2.3 and < V6.30.016), Desigo PXC64-U (All versions >= V2.3 and < V6.30.016), Desigo PXM20-E (All versions >= V2.3 and < V6.30.016), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus Source Code (All versions), TALON TC Compact (BACnet) (All versions < V3.5.4), TALON TC Modular (BACnet) (All versions < V3.5.4). The DHCP client application assumes that the data supplied with the “Hostname” DHCP option is NULL terminated. In cases when global hostname variable is not defined, this may lead to Out-of-bound reads, writes, and Denial-of-service conditions. (FSMD-2021-0014)",Siemens,"Apogee Mbc (ppc) (bacnet),Apogee Mbc (ppc) (p2 Ethernet),Apogee Mec (ppc) (bacnet),Apogee Mec (ppc) (p2 Ethernet),Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Capital Vstar,Desigo Pxc00-e.d,Desigo Pxc00-u,Desigo Pxc001-e.d,Desigo Pxc100-e.d,Desigo Pxc12-e.d,Desigo Pxc128-u,Desigo Pxc200-e.d,Desigo Pxc22-e.d,Desigo Pxc22.1-e.d,Desigo Pxc36.1-e.d,Desigo Pxc50-e.d,Desigo Pxc64-u,Desigo Pxm20-e,Nucleus Net,Nucleus Readystart V3,Nucleus Source Code,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",9.8,CRITICAL,0.003530000103637576,false,,false,false,false,,false,false,2021-11-09T11:31:57.000Z,0
CVE-2021-25677,https://securityvulnerability.io/vulnerability/CVE-2021-25677,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0 < V1.0.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code,Simotics Connect 400,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",5.3,MEDIUM,0.0010499999625608325,false,,false,false,false,,false,false,2021-04-22T20:42:21.000Z,0
CVE-2021-27393,https://securityvulnerability.io/vulnerability/CVE-2021-27393,,"A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2013.08), Nucleus Source Code (Versions including affected DNS modules). The DNS client does not properly randomize UDP port numbers of DNS requests. That could allow an attacker to poison the DNS cache or spoof DNS resolving.",Siemens,"Nucleus Net,Nucleus Readystart V3,Nucleus Source Code",5.3,MEDIUM,0.0008399999933317304,false,,false,false,false,,false,false,2021-04-22T20:42:21.000Z,0
CVE-2021-25663,https://securityvulnerability.io/vulnerability/CVE-2021-25663,,"A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes IPv6 headers does not check the lengths of extension header options, allowing attackers to put this function into an infinite loop with crafted length values.",Siemens,"Capital Embedded Ar Classic 431-422,Capital Embedded Ar Classic R20-11,Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code",7.5,HIGH,0.0016599999507889152,false,,false,false,false,,false,false,2021-04-22T20:42:20.000Z,0
CVE-2020-27738,https://securityvulnerability.io/vulnerability/CVE-2020-27738,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code,Simotics Connect 400,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",6.5,MEDIUM,0.0028800000436604023,false,,false,false,false,,false,false,2021-04-22T20:42:20.000Z,0
CVE-2021-25664,https://securityvulnerability.io/vulnerability/CVE-2021-25664,,"A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (All versions including affected IPv6 stack). The function that processes the Hop-by-Hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing attackers to put the function into an infinite loop by supplying arbitrary length values.",Siemens,"Capital Embedded Ar Classic 431-422,Capital Embedded Ar Classic R20-11,Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code",7.5,HIGH,0.0016599999507889152,false,,false,false,false,,false,false,2021-04-22T20:42:20.000Z,0
CVE-2020-27736,https://securityvulnerability.io/vulnerability/CVE-2020-27736,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code,Simotics Connect 400,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",6.5,MEDIUM,0.0016700000269338489,false,,false,false,false,,false,false,2021-04-22T20:42:19.000Z,0
CVE-2020-27737,https://securityvulnerability.io/vulnerability/CVE-2020-27737,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition  or leak the memory past the allocated structure.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Readystart V3,Nucleus Readystart V4,Nucleus Source Code,Simotics Connect 400,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",6.5,MEDIUM,0.0016700000269338489,false,,false,false,false,,false,false,2021-04-22T20:42:19.000Z,0
CVE-2020-15795,https://securityvulnerability.io/vulnerability/CVE-2020-15795,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Source Code,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",8.1,HIGH,0.006440000142902136,false,,false,false,false,,false,false,2021-04-22T20:42:19.000Z,0
CVE-2020-27009,https://securityvulnerability.io/vulnerability/CVE-2020-27009,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Source Code,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",8.1,HIGH,0.14601999521255493,false,,false,false,false,,false,false,2021-04-22T20:42:19.000Z,0
CVE-2020-28388,https://securityvulnerability.io/vulnerability/CVE-2020-28388,,"A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones.",Siemens,"Apogee Pxc Compact (bacnet),Apogee Pxc Compact (p2 Ethernet),Apogee Pxc Modular (bacnet),Apogee Pxc Modular (p2 Ethernet),Nucleus Net,Nucleus Readystart V3,Nucleus Source Code,Pluscontrol 1st Gen,Talon Tc Compact (bacnet),Talon Tc Modular (bacnet)",6.5,MEDIUM,0.002589999930933118,false,,false,false,false,,false,false,2021-02-09T00:00:00.000Z,0
CVE-2019-13939,https://securityvulnerability.io/vulnerability/CVE-2019-13939,,"A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2 and < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch ""Nucleus 2017.02.02 Nucleus NET Patch""), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.",Siemens,"Apogee Mec/mbc/pxc (p2),Apogee Pxc Series (bacnet),Apogee Pxc Series (p2),Desigo Pxc00-e.d,Desigo Pxc00-u,Desigo Pxc001-e.d,Desigo Pxc100-e.d,Desigo Pxc12-e.d,Desigo Pxc128-u,Desigo Pxc200-e.d,Desigo Pxc22-e.d,Desigo Pxc22.1-e.d,Desigo Pxc36.1-e.d,Desigo Pxc50-e.d,Desigo Pxc64-u,Desigo Pxm20-e,Nucleus Net,Nucleus Rtos,Nucleus Readystart For Arm, Mips, And Ppc,Nucleus Safetycert,Nucleus Source Code,Simotics Connect 400,Talon Tc Series (bacnet),Vstar",7.1,HIGH,0.002259999979287386,false,,false,false,false,,false,false,2020-01-16T15:35:24.000Z,0