CVE-2017-9947
Published 2017-10-23
CVE-2017-9947: A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability…
Priority P3 · 37 · medium · 5.3 · CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS: 7.28% (93.6th percentile)
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | apogee_pxc_firmware | < 3.5 | 3.5 |
| siemens | apogee_pxc_modular_firmware | < 3.5 | 3.5 |
| siemens | talon_tc_compact_firmware | < 3.5 | 3.5 |
| siemens | talon_tc_modular_firmware | < 3.5 | 3.5 |
CVSS provenance
nvd · v3.1 · 5.3 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd · v2.0 · 5.0 MEDIUM · AV:N/AC:L/Au:N/C:P/I:N/A:N
VulDB
Siemens APOGEE PXC/TALON TC BACnet up to 3.4 Integrated Web Server path traversal (ssa-148078 / BID-101248)
vuldb·2026-06-03·CVSS 5.3
CVE-2017-9947 [MEDIUM] Siemens APOGEE PXC/TALON TC BACnet up to 3.4 Integrated Web Server path traversal (ssa-148078 / BID-101248)
A vulnerability, which was classified as problematic, has been found in Siemens APOGEE PXC and TALON TC BACnet up to 3.4. This issue affects some unknown processing of the component Integrated Web Server. Performing a manipulation results in path traversal.
This vulnerability is known as CVE-2017-9947. Remote exploitation of the attack is possible. No exploit is available.
It is advisable to upgrade the affected component.
GHSA
GHSA-m28r-jg2j-26cv: A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3
ghsa_unreviewed·2022-05-13
CVE-2017-9947 [MEDIUM] CWE-22 GHSA-m28r-jg2j-26cv: A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices.
CISA ICS
Siemens BACnet Field Panels (Update A)
cisa_ics·2017-10-12·CVSS 7.5
[HIGH] Siemens BACnet Field Panels (Update A)
ICS Advisory
## Siemens BACnet Field Panels (Update A)
Last Revised: June 16, 2022
Alert Code: ICSA-17-285-05
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: BACnet Field Panels
- Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Path Traversal
## 2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-17-285-05 Siemens BACnet Field Panels that was published October 12, 2017, on the ICS webpage on cisa.gov/ics.
## 3. RISK EVALUATION
Successful exploit
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- http://packetstormsecurity.com/files/169544/Siemens-APOGEE-PXC-TALON-TC-Authentication-Bypass.html
- http://www.securityfocus.com/bid/101248
- https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf
- https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-148078.pdf
- https://packetstorm.news/files/id/169544
Published: 2017-10-23