Siemens APOGEE PXC / TALON TC Authentication Bypass
Posted by deepcore on October 29, 2022 – 10:46 am
APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers and TALON TC BACnet Automation Controllers. With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. All versions prior to 3.5 are affected.
Post a reply
You must be logged in to post a comment.