CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
26.2%
A CWE-287: Improper Authentication vulnerability exists that could allow a device to be
compromised when a key of less than seven digits is entered and the attacker has access to the
KNX installation.
[
{
"defaultStatus": "unaffected",
"product": "Merten INSTABUS Tastermodul 1fach System M 625199",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Program Version 1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Merten INSTABUS Tastermodul 2fach System M 625299",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Program Version 1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Merten Tasterschnittstelle 4fach plus 670804",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Program Version 1.0"
},
{
"status": "affected",
"version": "Program Version 1.2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Merten KNX ARGUS 180/2,20M UP SYSTEM 631725",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Program Version 1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Merten Jalousie-/Schaltaktor REG-K/8x/16x/10 m. HB 649908",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Program Version 1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Merten KNX Uni-Dimmaktor LL REG-K/2x230/300 W MEG6710-0002",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Program Version 1.0"
},
{
"status": "affected",
"version": "Program Version 1.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Merten KNX Schaltakt.2x6A UP m.2 Eing. MEG6003-0002",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "Program Version 0.1"
}
]
}
]
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
26.2%