A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices.
[
{
"vendor": "n/a",
"product": "APOGEE PXC and TALON TC BACnet Automation Controllers All versions <V3.5",
"versions": [
{
"version": "APOGEE PXC and TALON TC BACnet Automation Controllers All versions <V3.5",
"status": "affected"
}
]
}
]