Vulnerabilities > KNX

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR / CWE | RISK |
|---|---|---|---|---|---|---|---|
| 2023-08-29 | CVE-2023-4346 | Overly Restrictive Account Lockout Mechanism vulnerability in KNX Connection Authorization | KNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to being locked and users being unable to reset them to gain access to the device. | network | low complexity | knx CWE-645 | 7.5 |
| 2021-11-09 | CVE-2021-43575 | Use of Hard-coded Credentials vulnerability in KNX Engineering Tool Software 6 6.0.0 | KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. | local | low complexity | knx CWE-798 | 5.5 |
| 2021-07-19 | CVE-2021-36799 | Use of Hard-coded Credentials vulnerability in KNX Engineering Tool Software 5 | KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. | local | low complexity | knx CWE-798 | 8.8 |
| 2017-08-29 | CVE-2015-8299 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in KNX ETS 4.1.5 | Buffer overflow in the Group messages monitor (Falcon) in KNX ETS 4.1.5 (Build 3246) allows remote attackers to execute arbitrary code via a crafted KNXnet/IP UDP packet. | network | low complexity | knx CWE-119 | critical 9.8 |