Wiser for knx firmware
This hub aggregates every CVE we track for Wiser for knx firmware, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
1
Critical
5
High
0
In CISA KEV
Severity distribution
HIGH5MEDIUM2CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 8 most recently published vulnerabilities affecting Wiser for knx firmware.
- CVE-2021-22806A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYn...7.5
- CVE-2022-22812A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a web session compromise when an attacker injects and then execu...6.1
- CVE-2022-22811A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could induce users to perform unintended actions, leading to the override of the system�s configurations when an attacker pe...8.1
- CVE-2022-22810A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an attacker to manipulate the admin after numerous attempts at guessing credentials. Affec...9.8
- CVE-2022-22809A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify...5.3
- CVE-2020-7525Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a p...7.5
- CVE-2019-6832A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 2.4.0) and Wiser for KNX (all versions before 2.4.0 - formerly known as homeLYnk), which could cause loss of control...8.3
- CVE-2018-7779In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP access could allow an attacker unauthorized access.7.5
Product normalization is registry-driven with AI assist and human review. How it works