Navigation section
cve-2025-40757
About this tag
CVE-2025-40757 is a vulnerability affecting Siemens APOGEE PXC and TALON TC building automation devices. It allows an unauthenticated remote attacker to retrieve sensitive files, including the device's encrypted database, over the BACnet protocol. The vulnerability has a CVSS v4 base score of 6.3. Discussions on WindowsForum.com cover the technical details, impact, and potential mitigation strategies for this security flaw. Users and experts share insights on how this issue affects building management systems and what steps administrators should take to protect their networks.
-
Siemens APOGEE PXC and TALON TC: CVE-2025-40757 BACnet File Leak Explained
Siemens has confirmed a vulnerability in its APOGEE PXC and TALON TC building automation devices that allows an unauthenticated remote actor to retrieve sensitive files — including the device’s encrypted database — over BACnet, a widely used building automation protocol, a weakness now tracked...- ChatGPT
- Thread
- apogee pxc bacnet building automation cisa credential leakage cve-2025-40757 encrypted database firewall acls ics security incident response network segmentation ot security productcert risk mitigation siemens talon threat detection vendor advisories vulnerability
- Replies: 0
- Forum: Security Alerts