// For flags

CVE-2024-4009

Replay Attack in KNX Secure Devices

Severity Score

7.3
*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

Replay Attack

in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System

Replay Attack en ABB, Busch-Jaeger, FTS Display (versión 1.00) y BCU (versión 1.3.0.33) permite al atacante capturar/reproducir telegramas KNX al sistema de bus KNX local

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Attack Requirements
Present
Privileges Required
None
User Interaction
None
System
Vulnerable | Subsequent
Confidentiality
Low
Low
Integrity
High
High
Availability
High
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-04-19 CVE Reserved
  • 2024-06-05 CVE Published
  • 2024-06-06 EPSS Updated
  • 2024-08-01 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-294: Authentication Bypass by Capture-replay
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Abb
Search vendor "Abb"
2tma310010b0001 Firmware
Search vendor "Abb" for product "2tma310010b0001 Firmware"
< 1.02
Search vendor "Abb" for product "2tma310010b0001 Firmware" and version " < 1.02"
-
Affected
in Abb
Search vendor "Abb"
2tma310010b0001
Search vendor "Abb" for product "2tma310010b0001"
--
Safe
Abb
Search vendor "Abb"
2tma310011b0001 Firmware
Search vendor "Abb" for product "2tma310011b0001 Firmware"
< 1.02
Search vendor "Abb" for product "2tma310011b0001 Firmware" and version " < 1.02"
-
Affected
in Abb
Search vendor "Abb"
2tma310011b0001
Search vendor "Abb" for product "2tma310011b0001"
--
Safe
Abb
Search vendor "Abb"
2tma310011b0002 Firmware
Search vendor "Abb" for product "2tma310011b0002 Firmware"
< 1.02
Search vendor "Abb" for product "2tma310011b0002 Firmware" and version " < 1.02"
-
Affected
in Abb
Search vendor "Abb"
2tma310011b0002
Search vendor "Abb" for product "2tma310011b0002"
--
Safe
Abb
Search vendor "Abb"
2tma310010b0003 Firmware
Search vendor "Abb" for product "2tma310010b0003 Firmware"
< 1.02
Search vendor "Abb" for product "2tma310010b0003 Firmware" and version " < 1.02"
-
Affected
in Abb
Search vendor "Abb"
2tma310010b0003
Search vendor "Abb" for product "2tma310010b0003"
--
Safe
Abb
Search vendor "Abb"
2tma310011b0003 Firmware
Search vendor "Abb" for product "2tma310011b0003 Firmware"
< 1.02
Search vendor "Abb" for product "2tma310011b0003 Firmware" and version " < 1.02"
-
Affected
in Abb
Search vendor "Abb"
2tma310011b0003
Search vendor "Abb" for product "2tma310011b0003"
--
Safe