CVE-2025-40555

13.05.2025, 10:15

A vulnerability has been identified in APOGEE PXC+TALON TC Series (BACnet) (All versions). Affected devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially crafted message that results in a partial denial of service condition of the targeted device, and potentially reduce the availability of BACnet network. A power cycle is required to restore the device's normal operation.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.7 MEDIUM	ADJACENT_NETWORK	LOW	NONE	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
siemens	CNA	4.7 MEDIUM				CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 3%

Common Weakness Enumeration

CWE-440 - Expected Behavior Violation
A feature, API, or function does not perform according to its specification.

References

https://cert-portal.siemens.com/productcert/html/ssa-718393.html