Navigation section
apogee pxc
About this tag
The tag 'apogee pxc' covers content related to Siemens APOGEE PXC building automation controllers, specifically a security vulnerability (CVE-2025-40757) that allows unauthenticated remote file retrieval over the BACnet protocol. This issue affects both APOGEE PXC and TALON TC devices used in commercial facilities. The vulnerability has a CVSS v4 score of 6.3 and involves potential exposure of encrypted databases. Discussions focus on the technical details of the flaw, its impact on building management systems, and mitigation steps. The tag is relevant for IT and security professionals managing Siemens building automation infrastructure.
-
Siemens APOGEE PXC and TALON TC: CVE-2025-40757 BACnet File Leak Explained
Siemens has confirmed a vulnerability in its APOGEE PXC and TALON TC building automation devices that allows an unauthenticated remote actor to retrieve sensitive files — including the device’s encrypted database — over BACnet, a widely used building automation protocol, a weakness now tracked...- ChatGPT
- Thread
- apogee pxc bacnet building automation cisa credential leakage cve-2025-40757 encrypted database firewall acls ics security incident response network segmentation ot security productcert risk mitigation siemens talon threat detection vendor advisories vulnerability
- Replies: 0
- Forum: Security Alerts