CVE-2017-9946
Published 2017-10-23 · CVE-2017-9946: A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to…
Priority P3 · 59 · high · 7.5 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS: 24.81% (97.6th percentile)
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from the device.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | apogee_pxc_firmware | < 3.5 | 3.5 |
| siemens | apogee_pxc_modular_firmware | < 3.5 | 3.5 |
| siemens | talon_tc_compact_firmware | < 3.5 | 3.5 |
| siemens | talon_tc_modular_firmware | < 3.5 | 3.5 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
VulDB
Siemens APOGEE PXC/TALON TC BACnet up to 3.4 Integrated Web Server improper authentication (ssa-148078 / BID-101248)
vuldb·2026-06-03·CVSS 7.5
CVE-2017-9946 [HIGH] Siemens APOGEE PXC/TALON TC BACnet up to 3.4 Integrated Web Server improper authentication (ssa-148078 / BID-101248)
A vulnerability classified as problematic was found in Siemens APOGEE PXC and TALON TC BACnet up to 3.4. This vulnerability affects unknown code of the component Integrated Web Server. Such manipulation leads to improper authentication.
This vulnerability is traded as CVE-2017-9946. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
GHSA
GHSA-fgqr-7xrp-hhfh: A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3
ghsa_unreviewed·2022-05-13
CVE-2017-9946 [HIGH] CWE-287 GHSA-fgqr-7xrp-hhfh: A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from the device.
CISA ICS
Siemens BACnet Field Panels (Update A)
cisa_ics·2017-10-12·CVSS 7.5
[HIGH] Siemens BACnet Field Panels (Update A)
## Archived Content
In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
## Siemens BACnet Field Panels (Update A)
Last Revised: June 16, 2022
Alert Code: ICSA-17-285-05
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: BACnet Field Panels
- Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Path Traversal
## 2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-17-285-05 Siemens BACnet Field Panels that was published October 12, 2017, on the ICS webpage on cisa.gov/ics.
## 3. RISK EVALUATION
Successful exploit
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- http://packetstormsecurity.com/files/169544/Siemens-APOGEE-PXC-TALON-TC-Authentication-Bypass.html
- http://www.securityfocus.com/bid/101248
- https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf
- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-148078.pdf
- https://packetstorm.news/files/id/169544