DNS Domain Name Record Vulnerability in APOGEE and TALON Systems by Siemens
CVE-2020-27009

8.1HIGH

Key Information:

Vendor: Siemens
Status: Apogee Pxc Compact (bacnet); Apogee Pxc Compact (p2 Ethernet); Apogee Pxc Modular (bacnet); Apogee Pxc Modular (p2 Ethernet)
Vendor: CVE Published:; 22 April 2021

What is CVE-2020-27009?

A vulnerability exists in Siemens' APOGEE and TALON systems where the DNS domain name record decompression functionality fails to validate pointer offset values correctly. This flaw allows an attacker with access to the network to send malformed DNS responses, which can lead to writing beyond the allocated memory. Exploitation of this vulnerability could enable the attacker to execute arbitrary code in the context of the affected process or trigger a denial-of-service condition.

Affected Version(s)

APOGEE PXC Compact (BACnet) All versions < V3.5.5

APOGEE PXC Compact (P2 Ethernet) All versions < V2.8.20

APOGEE PXC Modular (BACnet) All versions < V3.5.5

References

https://cert-portal.siemens.com/productcert/pdf/ssa-18569...

https://cert-portal.siemens.com/productcert/pdf/ssa-18057...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2021
Vulnerability Reserved
Oct 12, 2020