Vulnerability Details CVE-2020-28388
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 5.0
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf
Products affected by CVE-2020-28388
-
cpe:2.3:a:siemens:capital_vstar:-
-
cpe:2.3:a:siemens:nucleus_net:-
-
cpe:2.3:a:siemens:nucleus_readystart:-
-
cpe:2.3:a:siemens:nucleus_readystart:4.1.0
-
cpe:2.3:a:siemens:nucleus_source_code:-
-
cpe:2.3:a:siemens:pluscontrol_1st_gen:-
-
cpe:2.3:h:arm:arm:-
-
cpe:2.3:h:mips:mips:-
-
cpe:2.3:h:powerpc_project:powerpc:-