https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06
https://www.cisa.gov/news-events/ics-advisories/icsa-19-318-01
Severity: High
ID: 500407
Version: 1.10
Type: remote
Family: Tenable.ot
Published: 2/7/2022
Updated: 4/16/2025
Supported Sensors: Tenable OT Security
Risk Factor: Medium
Score: 4.2
Risk Factor: Medium
Base Score: 4.8
Temporal Score: 3.5
Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:P/A:P
CVSS Score Source: CVE-2019-13939
Risk Factor: High
Base Score: 7.1
Temporal Score: 6.2
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: cpe:/o:siemens:apogee_modular_equiment_controller_firmware, cpe:/o:siemens:pxc200-e.d_firmware, cpe:/o:siemens:pxm20-e_firmware, cpe:/o:siemens:apogee_pxc_firmware, cpe:/o:siemens:pxc36.1-e.d_firmware, cpe:/o:siemens:pxc100-e.d_firmware, cpe:/o:siemens:pxc001-e.d_firmware, cpe:/o:siemens:pxc22-e.d_firmware, cpe:/o:siemens:pxc50-e.d_firmware, cpe:/o:siemens:pxc22.1-e.d_firmware, cpe:/o:siemens:apogee_modular_building_controller_firmware, cpe:/o:siemens:pxc00-e.d_firmware, cpe:/o:siemens:pxc12-e.d_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 1/16/2020
Vulnerability Publication Date: 1/16/2020
CVE: CVE-2019-13939
ICSA: 19-318-01, 20-105-06