CVE-2022-22809

2022-02-0900:00:00

CWE-306

schneider

www.cve.org

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.5%

JSON

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify the touch configurations. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior)

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior)",
    "versions": [
      {
        "version": "spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior)",
        "status": "affected"
      }
    ]
  }
]

References

download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-04