CVE-2021-27391 Information

Jun 07, 2022 cve

Description

A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3) APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3) APOGEE PXC Compact (BACnet) (All versions < V3.5.3) APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8) APOGEE PXC Modular (BACnet) (All versions < V3.5.3) APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8) TALON TC Compact (BACnet) (All versions < V3.5.3) TALON TC Modular (BACnet) (All versions < V3.5.3). The web server of affected devices lacks proper bounds checking when parsing the Host parameter in HTTP requests which could lead to a buffer overflow. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the device with root privileges.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-944498.pdf

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8

Share on: