CVE-2021-27391
published 2021-09-14CVE-2021-27391: A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions = V2.8), APOGEE PXC Modular (BACnet) (All versions = V2.8), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). The web server of affected devices lacks proper bounds checking when parsing the Host parameter in HTTP requests, which could lead to a buffer overflow. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the device with root privileges.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | apogee_mbc | — | — |
| siemens | apogee_mbc_firmware | <= 2.6.3 | — |
| siemens | apogee_mec | — | — |
| siemens | apogee_mec_firmware | <= 2.6.3 | — |
| siemens | apogee_pxc_bacnet_automation_controller_firmware | < 3.5.3 | 3.5.3 |
| siemens | apogee_pxc_compact | — | — |
| siemens | apogee_pxc_compact | — | — |
| siemens | apogee_pxc_compact_firmware | <= 2.8 | — |
| siemens | apogee_pxc_modular | — | — |
| siemens | apogee_pxc_modular | — | — |
| siemens | apogee_pxc_modular_firmware | < 3.5.3 | 3.5.3 |
| siemens | apogee_pxc_modular_firmware | <= 2.8 | — |
| siemens | talon_tc_compact | — | — |
| siemens | talon_tc_compact_firmware | < 3.5.3 | 3.5.3 |
| siemens | talon_tc_modular | — | — |
| siemens | talon_tc_modular_firmware | < 3.5.3 | 3.5.3 |