Lucene search
HistoryJun 05, 2024 - 6:15 p.m.
CVE-2024-4008
cve-2024-4008
security vulnerability
knx bus-system
9.6 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
7.3 High
CVSS4
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/SC:L/VI:H/SI:H/VA:H/SA:H/S:N/AU:N/U:Green/V:D/RE:M
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
23.5%
FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX Bus-System
Affected configurations
Node
abb2tma310010b0001_firmwareRange<1.02
abb2tma310010b0001Match-
Node
abb2tma310011b0001_firmwareRange<1.02
abb2tma310011b0001Match-
Node
abb2tma310011b0002_firmwareRange<1.02
abb2tma310011b0002Match-
Node
abb2tma310010b0003_firmwareRange<1.02
abb2tma310010b0003Match-
Node
abb2tma310011b0003_firmwareRange<1.02
abb2tma310011b0003Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| abb:2tma310010b0001_firmware | abb 2tma310010b0001 firmware | lt | 1.02 |
CNA Affected
[
{
"collectionURL": "https://new.abb.com/products/de/2TMA310010B0001/sd-u12-55-11-825",
"defaultStatus": "unaffected",
"platforms": [
"proprietary"
],
"product": "2.4! Display 55, SD/U12.55.11-825",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.00",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2TMA310011B0001/sd-u12-55-1-825",
"defaultStatus": "unaffected",
"platforms": [
"proprietary"
],
"product": "2.4! Display 55, SD/SD/U12.55.1-825",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.00",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2TMA310010B0003/",
"defaultStatus": "unaffected",
"platforms": [
"proprietary"
],
"product": "2.4! Display 63, SD/U12.63.11-825",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.00",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2TMA310011B0003/rt-u12-86-1-825",
"defaultStatus": "unaffected",
"platforms": [
"proprietary"
],
"product": "RoomTouch 4\", RT/U12.86.1-825",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.00",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2TMA310010B0004/rt-u12-86-11-825",
"defaultStatus": "unaffected",
"product": "RoomTouch 4\", RT/U12.86.11-825",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.00",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2TMA310010B0006/sd-u12-70-11-4015",
"defaultStatus": "unaffected",
"product": "2,4'' Display 70, SD/U12.70.11-4015",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.00",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2TMA310011B00004/sd-u12-70-1-4015",
"defaultStatus": "unaffected",
"product": "2,4'' Display 70, SD-U12-70-1-4015",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.00",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2TMA310010W0001/rt-u12-86-11-811",
"defaultStatus": "unaffected",
"platforms": [
"proprietary"
],
"product": "RoomTouch 4\", RT/U12.86.11-811",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.00",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2TMA310011W0001/rt-u12-86-1-811",
"defaultStatus": "unaffected",
"platforms": [
"proprietary"
],
"product": "RoomTouch 4\", RT-U12-86-1-811",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.00",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2CKA006120A0079/ba-u1-0-11",
"defaultStatus": "unaffected",
"platforms": [
"proprietary"
],
"product": "BCU KNX, BA-U1.0.11",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.3.0.33",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2CKA006120A0080/ba-u1-0-1",
"defaultStatus": "unaffected",
"platforms": [
"proprietary"
],
"product": "BCU KNX, BA-U1.0.1",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.3.0.33",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://new.abb.com/products/de/2CKA006120A0081/ba-u1-0-21",
"defaultStatus": "unaffected",
"platforms": [
"proprietary"
],
"product": "BCU KNX, BA-U1.0.21",
"vendor": "ABB, Busch-Jaeger",
"versions": [
{
"status": "affected",
"version": "1.3.0.33",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-4008 FDSK Leak in KNX Secure Devices
2024-06-05 17:15:56
nvd
nvd
CVE-2024-4008
2024-06-05 18:15:11
cvelist
cvelist
CVE-2024-4008 FDSK Leak in KNX Secure Devices
2024-06-05 17:15:56
9.6 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
7.3 High
CVSS4
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/SC:L/VI:H/SI:H/VA:H/SA:H/S:N/AU:N/U:Green/V:D/RE:M
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
23.5%
Related for CVE-2024-4008