PatchSiren cyber security CVE debrief
CVE-2024-54090 Siemens CVE debrief
CVE-2024-54090 affects Siemens APOGEE PXC Series (BACnet/P2 Ethernet) and TALON TC Series (BACnet). CISA and Siemens describe an out-of-bounds read in the memory dump function that could allow an attacker with Medium (MED) or higher privileges to force the device into an insecure cold start state. The advisory was published on 2025-02-11 and lists mitigations, but no vendor fix was available at publication.
- Vendor: Siemens
- Product: APOGEE PXC Series (BACnet)
- CVSS: MEDIUM 5.9
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-02-11
- Original CVE updated: 2025-02-11
- Advisory published: 2025-02-11
- Advisory updated: 2025-02-11
Who should care
OT/ICS operators, building automation teams, integrators, and maintainers of Siemens APOGEE PXC and TALON TC deployments, especially where BACnet or P2 Ethernet controllers are reachable from management networks or shared administrative accounts are in use.
Technical summary
The source advisory identifies an out-of-bounds read in the memory dump function on affected Siemens devices. The stated impact is that a Medium-privileged or higher attacker could cause an insecure cold start state, which is an operationally significant availability and safety concern in control environments. The advisory does not provide a patch at publication time and instead recommends access and configuration mitigations.
Defensive priority
High for affected deployments, because there is no fix available at publication and the reported condition can push controllers into an insecure cold start state.
Recommended defensive actions
- Change all three default passwords, even if they are not currently in use.
- Disable Telnet where possible; the advisory notes Telnet is disabled by default.
- Inventory affected Siemens APOGEE PXC and TALON TC devices and verify whether any management interfaces are exposed.
- Restrict administrative and engineering access to trusted networks and accounts, following CISA ICS defense-in-depth guidance.
- Monitor for unexpected cold starts, reboots, or other abnormal controller behavior, and confirm recovery procedures are documented.
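One way to act on the monitoring recommendation above, as an added example that is not taken from the Siemens or CISA advisory: compare each controller's reported restart time between polls and flag any new restart that falls outside an approved maintenance window. It assumes restart time and reason are already collected per controller (for instance from the BACnet Device object properties Time_Of_Device_Restart and Last_Restart_Reason, where a device supports them; the page does not say whether these controllers do); the record field names, device names and windows are constructed.

```python
from datetime import datetime

# Constructed sample polls (not from the advisory). Each record is one read of a
# controller's restart metadata; the field and device names are hypothetical.
POLLS = [
    {"device": "pxc-ahu-01", "polled": "2025-02-12T08:00", "restart": "2025-01-30T02:10", "reason": "warmstart"},
    {"device": "pxc-ahu-01", "polled": "2025-02-12T09:00", "restart": "2025-02-12T08:41", "reason": "coldstart"},
    {"device": "tc-vav-07", "polled": "2025-02-12T08:00", "restart": "2025-02-01T11:00", "reason": "coldstart"},
    {"device": "tc-vav-07", "polled": "2025-02-12T09:00", "restart": "2025-02-01T11:00", "reason": "coldstart"},
    {"device": "pxc-chw-02", "polled": "2025-02-12T08:00", "restart": "2025-01-15T03:00", "reason": "warmstart"},
    {"device": "pxc-chw-02", "polled": "2025-02-13T02:00", "restart": "2025-02-13T01:20", "reason": "coldstart"},
]
# Approved maintenance windows (constructed): restarts inside them are expected.
WINDOWS = [("2025-02-13T01:00", "2025-02-13T03:00")]


def _ts(value):
    return datetime.fromisoformat(value)


def find_unexpected_restarts(polls, windows):
    """Return alerts for restarts that appeared between polls outside any window."""
    spans = [(_ts(start), _ts(end)) for start, end in windows]
    last_seen = {}  # device -> restart timestamp reported in the previous poll
    alerts = []
    for poll in sorted(polls, key=lambda r: _ts(r["polled"])):
        device, restart = poll["device"], _ts(poll["restart"])
        previous = last_seen.get(device)
        last_seen[device] = restart
        if previous is None or restart == previous:
            continue  # first poll is the baseline; an unchanged value is no new restart
        if any(start <= restart <= end for start, end in spans):
            continue  # restart happened during planned maintenance
        # A cold start is the condition the advisory describes, so rank it highest.
        severity = "high" if poll["reason"] == "coldstart" else "review"
        alerts.append({"device": device, "restart": poll["restart"],
                       "reason": poll["reason"], "severity": severity})
    return alerts


if __name__ == "__main__":
    for alert in find_unexpected_restarts(POLLS, WINDOWS):
        print(alert)
```
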
Evidence notes
Primary evidence comes from CISA's CSAF advisory ICSA-25-044-11 and Siemens advisory SSA-615116, both published on 2025-02-11. The source text states that affected devices contain an out-of-bounds read in the memory dump function and that an attacker with Medium or higher privileges could cause an insecure cold start state. The advisory also lists mitigations and says no fix is currently available. One source detail is internally inconsistent: the description mentions Medium privileges, while the CVSS vector lists PR:N; this debrief preserves both source statements without resolving the discrepancy.
Official resources
- CVE-2024-54090 CVE record (CVE.org)
- CVE-2024-54090 NVD detail (NVD)
- Source item URL (cisa_csaf)
Public advisory disclosed on 2025-02-11 via CISA ICSA-25-044-11 and Siemens SSA-615116; no vendor fix was available at publication.