https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-845392.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-223353.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-21-313-03
https://www.cisa.gov/news-events/ics-advisories/icsa-21-315-07
Severity: Medium
ID: 500601
Version: 1.12
Type: remote
Family: Tenable.ot
Published: 2/7/2022
Updated: 4/16/2025
Supported Sensors: Tenable OT Security
Risk Factor: Low
Score: 1.4
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS Score Source: CVE-2021-31344
Risk Factor: Medium
Base Score: 5.3
Temporal Score: 4.6
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: cpe:/o:siemens:apogee_modular_equiment_controller_firmware, cpe:/o:siemens:desigo_pxc200-e.d_firmware, cpe:/o:siemens:desigo_pxc64-u_firmware, cpe:/o:siemens:desigo_pxc128-u_firmware, cpe:/o:siemens:desigo_pxc22.1-e.d_firmware, cpe:/o:siemens:desigo_pxc36.1-e.d_firmware, cpe:/o:siemens:apogee_pxc_modular_firmware, cpe:/o:siemens:desigo_pxc100-e.d_firmware, cpe:/o:siemens:desigo_pxc001-e.d_firmware, cpe:/o:siemens:desigo_pxc00-e.d_firmware, cpe:/o:siemens:desigo_pxc22-e.d_firmware, cpe:/o:siemens:desigo_pxm20-e_firmware, cpe:/o:siemens:desigo_pxc12-e.d_firmware, cpe:/o:siemens:apogee_modular_building_controller_firmware, cpe:/o:siemens:apogee_pxc_compact_firmware, cpe:/o:siemens:desigo_pxc00-u_firmware, cpe:/o:siemens:desigo_pxc50-e.d_firmware
Required KB Items: Tenable.ot/Siemens
Exploit Ease: No known exploits are available
Patch Publication Date: 11/9/2021
Vulnerability Publication Date: 11/9/2021
CVE: CVE-2021-31344
CWE: 843
ICSA: 21-313-03, 21-315-07