DNS Domain Name Record Vulnerability in APOGEE and TALON Systems by Siemens
CVE-2020-27009

8.1HIGH

Key Information:

Vendor: Siemens
Status: Apogee Pxc Compact (bacnet); Apogee Pxc Compact (p2 Ethernet); Apogee Pxc Modular (bacnet); Apogee Pxc Modular (p2 Ethernet)
Vendor: CVE Published:; 22 April 2021

Summary

A vulnerability exists in Siemens' APOGEE and TALON systems where the DNS domain name record decompression functionality fails to validate pointer offset values correctly. This flaw allows an attacker with access to the network to send malformed DNS responses, which can lead to writing beyond the allocated memory. Exploitation of this vulnerability could enable the attacker to execute arbitrary code in the context of the affected process or trigger a denial-of-service condition.

Affected Version(s)

APOGEE PXC Compact (BACnet) All versions < V3.5.5

APOGEE PXC Compact (P2 Ethernet) All versions < V2.8.20

APOGEE PXC Modular (BACnet) All versions < V3.5.5

References

https://cert-portal.siemens.com/productcert/pdf/ssa-18569...

https://cert-portal.siemens.com/productcert/pdf/ssa-18057...

EPSS Score

19% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 22, 2021
Vulnerability Reserved
Oct 12, 2020