Schneider-electric Wiser For Knx Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Wiser For Knx Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2022-22810 — CVSS 9.8 (critical): A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an attacker to manipulate the…
CVE-2019-6832 — CVSS 8.3 (high): A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 2.4.0) and Wiser for KNX (all versions before 2.4.0 -…
CVE-2022-22811 — CVSS 8.1 (high): A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could induce users to perform unintended actions, leading to the…
CVE-2020-7525 — CVSS 7.5 (high): Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX…
CVE-2021-22806 — CVSS 7.5 (high): A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when…
CVE-2018-7779 — CVSS 7.5 (high): In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP…
CVE-2022-22812 — CVSS 6.1 (medium): A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a web…
CVE-2022-22809 — CVSS 5.3 (medium): A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in…