Denial-of-Service Vulnerability in APOGEE PXC, Nucleus, and SIMOTICS CONNECT Products
CVE-2020-27738

6.5MEDIUM

Key Information:

Vendor: Siemens
Status: Apogee Pxc Compact (bacnet); Apogee Pxc Compact (p2 Ethernet); Apogee Pxc Modular (bacnet); Apogee Pxc Modular (p2 Ethernet)
Vendor: CVE Published:; 22 April 2021

What is CVE-2020-27738?

A vulnerability exists in the DNS domain name record decompression function across multiple Siemens products. This issue arises due to improper validation of pointer offset values, which can lead to a read access beyond the allocated structures. An attacker positioned on the network may exploit this weakness to initiate a denial-of-service condition, potentially disrupting service availability.

Affected Version(s)

APOGEE PXC Compact (BACnet) All versions < V3.5.5

APOGEE PXC Compact (P2 Ethernet) All versions < V2.8.20

APOGEE PXC Modular (BACnet) All versions < V3.5.5

References

https://cert-portal.siemens.com/productcert/pdf/ssa-70511...

https://cert-portal.siemens.com/productcert/pdf/ssa-66915...

https://cert-portal.siemens.com/productcert/pdf/ssa-18057...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2021
Vulnerability Reserved
Oct 26, 2020