CVE-2023-25556
Published Apr 18, 2023
Last updated 2 years ago
Overview
- Description
- A CWE-287: Improper Authentication vulnerability exists that could allow a device to be compromised when a key of less than seven digits is entered and the attacker has access to the KNX installation.
- Source
- cybersecurity@se.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- cybersecurity@se.com
- CWE-287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:merten_instabus_tastermodul_1fach_system_m:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "29918B0B-9089-46B0-B86E-B78BFB5F0DB6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:merten_instabus_tastermodul_1fach_system_m_firmware:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07A53874-254C-4CA0-9CA8-387094723B4A"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:merten_instabus_tastermodul_2fach_system_m:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D4676AD5-F82E-42C0-B6A2-3D57F075C532"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:merten_instabus_tastermodul_2fach_system_m_firmware:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10E0A138-4F3A-434D-B52D-5EE91CD7E2EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:merten_tasterschnittstelle_4fach_plus:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "46DEB9E7-1212-4BCA-8C23-72B2F45A97BF"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:merten_tasterschnittstelle_4fach_plus_firmware:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7B565DF-3403-45E2-8C12-010DAFDA308E"
},
{
"criteria": "cpe:2.3:o:schneider-electric:merten_tasterschnittstelle_4fach_plus_firmware:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5CA73BB4-92DA-49BF-89D6-B037EF16F963"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:merten_knx_argus_180\\/2\\,20m_up_system:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "559DECE9-5779-40B5-AF91-C97B3731AF73"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:merten_knx_argus_180\\/2\\,20m_up_system_firmware:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9D64205-D9F0-4199-8BEF-68979E7DB147"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:merten_jalousie-\\/schaltaktor_reg-k\\/8x\\/16x\\/10_m._hb:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0FAF80D9-ED66-4D7A-8E1F-80D096B95DC6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:merten_jalousie-\\/schaltaktor_reg-k\\/8x\\/16x\\/10_m._hb_firmware:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65F4A4D6-B1EF-41DC-B392-8BE542F473A2"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:merten_knx_uni-dimmaktor_ll_reg-k\\/2x230\\/300_w:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DC7716A5-1CF8-4B90-952F-64E1B160BB2C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:merten_knx_uni-dimmaktor_ll_reg-k\\/2x230\\/300_w_firmware:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7709BD4-99D8-4155-8EDE-62D4E58096FD"
},
{
"criteria": "cpe:2.3:o:schneider-electric:merten_knx_uni-dimmaktor_ll_reg-k\\/2x230\\/300_w_firmware:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A79222B6-2823-40D8-9A4B-52140789C7F6"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:merten_knx_schaltakt.2x6a_up_m.2_eing.:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0B2F19DC-9F7A-431D-B0F9-559A9D49F53B"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:merten_knx_schaltakt.2x6a_up_m.2_eing._firmware:0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "501E6F54-418C-46A1-997B-CE3AAEBF0D2F"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]