QID 590707

Date Published: 2022-06-03

QID 590707: Siemens SIMOTICS, Desigo, APOGEE, and TALON (Update B) Vulnerability (ICSA-20-105-06)

AFFECTED PRODUCTS
Siemens reports the vulnerability affects the following products and versions:
APOGEE MEC/MBC/PXC (P2): All versions prior to 2.8.2
APOGEE PXC Series (BACnet): All versions, 3.0 and newer
APOGEE PXC Series (P2): All versions, 2.8.2 and newer
Desigo PXC00-E.D: All versions, 2.3x to v6.00.327
Desigo PXC00-U: All versions, 2.3x to v6.00.327
Desigo PXC001-E.D: All versions, 2.3x to v6.00.327
Desigo PXC12-E.D: All versions, 2.3x to v6.00.327
Desigo PXC22-E.D: All versions, 2.3x to v6.00.327
Desigo PXC22.1-E.D: All versions, 2.3x to v6.00.327
Desigo PXC36.1-E.D: All versions, 2.3x to v6.00.327
Desigo PXC50-E.D: All versions, 2.3x to v6.00.327
Desigo PXC64-U: All versions, 2.3x to v6.00.327
Desigo PXC100-E.D: All versions, 2.3x to v6.00.327
Desigo PXC128-U: All versions, 2.3x to v6.00.327
Desigo PXC200-E.D: All versions, 2.3x to v6.00.327
Desigo PXM20-E: All versions, 2.3x to v6.00.327
SIMOTICS CONNECT 400: All versions prior to 0.3.0.330
TALON TC Series (BACnet): All versions, 3.0 and newer

QID Detection Logic (Authenticated):
The QID checks for vulnerable versions using passive scanning.

Successful exploitation of this vulnerability could allow an attacker to affect the availability and integrity of the device.

  • CVSS V3 rated as High - 7.1 severity.
  • CVSS V2 rated as Medium - 4.8 severity.

Solution

Customers are advised to refer to the MITIGATIONS section of CERT advisory ICSA-20-105-06 for affected packages and patching details.

Vendor References

CVEs related to QID 590707

Software Advisories
Advisory ID: ICSA-20-105-06
Link: www.us-cert.gov/ics/advisories/ICSA-20-105-06