Filtered by vendor Knx
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36799 | 1 Knx | 1 Engineering Tool Software 5 | 2021-12-15 | 2.1 LOW | 8.8 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2021-43575 | 1 Knx | 1 Engineering Tool Software 6 | 2021-11-15 | 2.1 LOW | 5.5 MEDIUM |
| ** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to securely store cryptographic key material when it is not being exported. | |||||
| CVE-2015-8299 | 1 Knx | 1 Ets | 2019-03-14 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in the Group messages monitor (Falcon) in KNX ETS 4.1.5 (Build 3246) allows remote attackers to execute arbitrary code via a crafted KNXnet/IP UDP packet. | |||||