Vulnerability Details CVE-2021-27391
A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8), APOGEE PXC Modular (BACnet) (All versions < V3.5.3), APOGEE PXC Modular (P2 Ethernet) (All versions >= V2.8), TALON TC Compact (BACnet) (All versions < V3.5.3), TALON TC Modular (BACnet) (All versions < V3.5.3). The web server of affected devices lacks proper bounds checking when parsing the Host parameter in HTTP requests, which could lead to a buffer overflow. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the device with root privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.029
EPSS Ranking 85.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2021-27391
-
cpe:2.3:h:siemens:apogee_mbc_(ppc)_(p2_ethernet):*
-
cpe:2.3:h:siemens:apogee_mec_(ppc)_(p2_ethernet):*
-
cpe:2.3:h:siemens:apogee_pxc_bacnet_automation_controller:-
-
cpe:2.3:h:siemens:apogee_pxc_compact_(p2_ethernet):*
-
cpe:2.3:h:siemens:apogee_pxc_modular_(bacnet):*
-
cpe:2.3:h:siemens:apogee_pxc_modular_(p2_ethernet):*
-
cpe:2.3:h:siemens:talon_tc_compact_(bacnet):*
-
cpe:2.3:h:siemens:talon_tc_modular_(bacnet):-
-
cpe:2.3:o:siemens:apogee_mbc_(ppc)_(p2_ethernet)_firmware:*
-
cpe:2.3:o:siemens:apogee_mec_(ppc)_(p2_ethernet)_firmware:*
-
cpe:2.3:o:siemens:apogee_pxc_bacnet_automation_controller_firmware:-
-
cpe:2.3:o:siemens:apogee_pxc_bacnet_automation_controller_firmware:3.5
-
cpe:2.3:o:siemens:apogee_pxc_compact_(p2_ethernet)_firmware:*
-
cpe:2.3:o:siemens:apogee_pxc_modular_(bacnet)_firmware:*
-
cpe:2.3:o:siemens:apogee_pxc_modular_(p2_ethernet)_firmware:*
-
cpe:2.3:o:siemens:talon_tc_compact_(bacnet)_firmware:*
-
cpe:2.3:o:siemens:talon_tc_modular_(bacnet)_firmware:-