VYPR
Vendor

Knx

Products
4
CVEs
4
Across products
4
Status
Private

Products

4

Recent CVEs

4
  • CVE-2015-8299CriAug 29, 2017
    risk 0.64cvss 9.8epss 0.06

    Buffer overflow in the Group messages monitor (Falcon) in KNX ETS 4.1.5 (Build 3246) allows remote attackers to execute arbitrary code via a crafted KNXnet/IP UDP packet.

  • CVE-2021-36799HigJul 19, 2021
    risk 0.57cvss 8.8epss 0.00

    KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

  • CVE-2023-4346HigAug 29, 2023
    risk 0.49cvss 7.5epss 0.00

    KNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to being locked and users being unable to reset them to gain access to the device. The BCU key feature on the devices can be used to create a password for the…

  • CVE-2021-43575MedNov 9, 2021
    risk 0.36cvss 5.5epss 0.00

    KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to securely…