CVE-2017-9947

moderate-risk

Published 2017-10-23

A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices.

Do I need to act?

10.0% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.3/10 Medium

NETWORK / LOW complexity

Affected Products (4)

Talon Tc Compact Firmware

Apogee Pxc Firmware

Apogee Pxc Modular Firmware

Talon Tc Modular Firmware

Affected Vendors

Siemens

References (8)

Exploit http://packetstormsecurity.com/files/169544/Siemens-APOGEE-PXC-TALON-TC-Authenti...

Broken Link http://www.securityfocus.com/bid/101248

Vendor Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf

Broken Link https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-148078.pdf

Exploit http://packetstormsecurity.com/files/169544/Siemens-APOGEE-PXC-TALON-TC-Authenti...

Broken Link http://www.securityfocus.com/bid/101248

Vendor Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf

Broken Link https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-148078.pdf

/ 100

moderate-risk

Severity 21/34 · High

Exploitability 11/34 · Low

Exposure 10/34 · Low