all InfoSec news
SSA-180579 V1.1 (Last Update: 2023-08-08): Privilege Management Vulnerability and Multiple Nucleus RTOS Vulnerabilities in APOGEE/TALON Field Panels before V3.5.5/V2.8.20
Aug. 8, 2023, midnight |
Siemens ProductCERT Security Advisories cert-portal.siemens.com
APOGEE PXC / TALON TC field panels (BACnet before V3.5.5 and P2 Ethernet before V2.8.20) contain multiple vulnerabilities:
- CVE-2022-45937: A privilege management vulnerability that could allow low privilege authenticated attackers to gain high privilege access.
- CVE-2020-28388: Predictable Initial Sequence Numbers in the TCP/IP Stack of Nucleus RTOS (real-time operating system) used by the affected products.
- Several vulnerabilities in the DNS (domain name service) implementation of Nucleus RTOS.
Siemens has released updates for the affected products and recommends to update to …
access attackers cve ethernet high low management nucleus numbers panels privilege privilege access rtos ssa talon update vulnerabilities vulnerability
More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories
Jobs in InfoSec / Cybersecurity
Consultant Sécurité SI H/F Gouvernance - Risques - Conformité - Nantes
@ Hifield | Saint-Herblain, France
L2 Security - Senior Security Engineer
@ Paytm | Noida, Uttar Pradesh
GRC Integrity Program Manager
@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
Consultant Active Directory H/F
@ Hifield | Sèvres, France
Consultant PCI-DSS H/F
@ Hifield | Sèvres, France
Head of Security Operations
@ Canonical Ltd. | Home based - Americas, EMEA