Siemens APOGEE PXC and TALON TC Series BACnet Partial Denial-of-Service Vulnerability

A partial denial-of-service vulnerability has been identified in Siemens APOGEE PXC+TALON TC Series devices that use BACnet, affecting all versions. The issue arises when the device processes a specific BACnet createObject request, after which it begins to send unsolicited BACnet broadcast messages. This behavior can be exploited by an attacker on the same BACnet network, who can send a specially crafted message that disrupts the normal operation of the targeted device. As a result, the device requires a power cycle to restore functionality, and the vulnerability may also impact the overall availability of the BACnet network.

Impact

Exploitation of this vulnerability leads to a partial denial-of-service condition on the affected device, causing it to disrupt normal operations and require a power cycle to restore functionality. Additionally, this issue can reduce the availability of the BACnet network as a whole.

Remediation

Currently, no fix is planned for this vulnerability. However, Siemens recommends protecting network access to affected products with appropriate security measures and following general security practices to maintain a secure IT environment.