CVE-2017-9947

Published: Oct 23, 2017Modified: Jun 2, 2026

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices.

Affected (4)

Products: Siemens: Apogee Pxc Firmware, Apogee Pxc Modular Firmware, Talon Tc Compact Firmware, Talon Tc Modular Firmware

4 products

Apogee Pxc Firmware

Apogee Pxc Modular Firmware

Talon Tc Compact Firmware

Talon Tc Modular Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Apogee Pxc Firmware	Before 3.5

Running on/with	Platform Versions
Siemens Apogee Pxc	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Apogee Pxc Modular Firmware	Before 3.5

Running on/with	Platform Versions
Siemens Apogee Pxc Modular	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Talon Tc Compact Firmware	Before 3.5

Running on/with	Platform Versions
Siemens Talon Tc Compact	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Talon Tc Modular Firmware	Before 3.5

Running on/with	Platform Versions
Siemens Talon Tc Modular	All versions

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Insertion of Sensitive Information into Externally-Accessible File or Directory

The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.

References (9)

http://packetstormsecurity.com/files/169544/Siemens-APOGEE-PXC-TALON-TC-Authentication-Bypass.html

Source: productcert@siemens.com

ExploitThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/101248

Source: productcert@siemens.com

Broken LinkThird Party AdvisoryVDB Entry

https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf

Source: productcert@siemens.com

Vendor Advisory

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-148078.pdf

Source: productcert@siemens.com

Broken LinkVendor Advisory

http://packetstormsecurity.com/files/169544/Siemens-APOGEE-PXC-TALON-TC-Authentication-Bypass.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/101248

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-148078.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkVendor Advisory

https://packetstorm.news/files/id/169544

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Timeline

No history available yet.