As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
- CVSS v4 6.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: Apogee PXC and Talon TC Devices
- Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to download the device’s encrypted database file via BACnet.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following products are affected:
- APOGEE PXC Series (BACnet): All versions
- APOGEE PXC Series (P2 Ethernet): All versions
- TALON TC Series (BACnet): All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 EXPOSURE OF SENSITIVE INFORMATION TO AN UNAUTHORIZED ACTOR CWE-200
Affected devices connected to the network allow unrestricted access to sensitive files, such as databases. This could allow an attacker to download encrypted .db file containing passwords.
CVE-2025-40757 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.3 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
A CVSS v4 score has also been calculated for This article has been indexed from All CISA Advisories