CVE-2025-40757

CVSS 6.3 MEDIUMEPSS 0.3%CWE-200

A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC Series (P2 Ethernet) (All versions), TALON TC Series (BACnet) (All versions). Affected devices connected to the network allow unrestricted access to sensitive files, such as databases. This could allow an attacker to download encrypted .db file containing passwords.

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Productos afectados

Siemens · APOGEE PXC Series (BACnet)Siemens · APOGEE PXC Series (P2 Ethernet)Siemens · TALON TC Series (BACnet)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cert-portal.siemens.com/productcert/html/ssa-916339.html