CVE-2020-28388Predictable Exact Value from Previous Values in Siemens Nucleus NET

CWE-342Predictable Exact Value from Previous Values3 documents3 sources
Severity
5.3MEDIUMNVD
CNA6.5
EPSS
0.4%
top 37.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Siemens Nucleus NETSiemens Nucleus ReadystartSiemens Apogee PXC Compact+6 more
Timeline
PublishedFeb 9
Latest updateMay 24

Description

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages10 packages

CVEListV5siemens/apogee_pxc_compactAll versions < V2.8.20, All versions < V3.5.5+1
CVEListV5siemens/apogee_pxc_modularAll versions < V2.8.20, All versions < V3.5.5+1
CVEListV5siemens/nucleus_source_codeAll versions
CVEListV5siemens/talon_tc_compactAll versions < V3.5.5
CVEListV5siemens/talon_tc_modularAll versions < V3.5.5

🔴Vulnerability Details

2
GHSA
GHSA-j6gp-g45q-2wm2: A vulnerability has been identified in Nucleus NET (All versions < V52022-05-24
CVEList
CVE-2020-28388: A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V32021-02-09
CVE-2020-28388 — Siemens Nucleus NET vulnerability | cvebase