Siemens Apogee Pxc Firmware vulnerabilities

CVE-2019-13939 [HIGH] CWE-20 CVE-2019-13939: A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC C A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions = V2.8.2 = V2.8.2 = V2.3 = V2.3x and = V2.3 = V2.3 = V2.3 = V2.3x and = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3x and = V2.3 < V6.0.327), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All

CVE-2017-9946 [HIGH] CWE-287 CVE-2017-9946: A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. An attacker with network access to the integrated web server (80/tcp and 443/tcp) could bypass the authentication and download sensitive information from the device.

CVE-2017-9947 [MEDIUM] CWE-538 CVE-2017-9947: A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices.