Severity by source
CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Adjacent vector and high complexity reflect MITM-on-local-KNX-segment requirement; PR:L confirms network access needed; no confidentiality impact aligns with update-integrity-only flaw.
Primary rating from Vendor (ABB).
CVSS VectorVendor: ABB
CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Missing support for integrity check vulnerability in ABB KNX Update Tool (ABB), ABB KNX Update Tool (BJE).
This issue affects KNX Update Tool (ABB): through 2.0.175; KNX Update Tool (BJE): through 2.0.175.
AnalysisAI
Missing firmware integrity verification in ABB KNX Update Tool versions through 2.0.175 allows an adjacent network attacker with low-privilege access to inject tampered updates onto KNX building automation devices, leading to high integrity and availability impact. The vulnerability (CWE-353) means the tool accepts update packages without cryptographic validation, enabling a man-in-the-middle or rogue-update attack on the KNX bus segment. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to be on the same adjacent network segment as the KNX installation and the workstation running KNX Update Tool - internet-based attacks are not possible due to AV:A. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score of 6.4 (Medium) reflects the real-world constraints: AV:A limits exploitation to actors already present on the same network segment as the KNX installation (typically a building LAN or dedicated KNX IP tunnel), AC:H indicates that exploiting the missing integrity check requires specific attack conditions such as a successful man-in-the-middle position, and PR:L confirms some level of access is needed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has already obtained access to the same network segment as a building automation installation - via a compromised workstation, rogue device, or lateral movement - positions themselves between the technician running KNX Update Tool and the KNX IP gateway. When the tool initiates a device firmware update, the attacker intercepts the update package and substitutes a malicious firmware image. … |
| Remediation | Consult the ABB security advisory at https://search.abb.com/library/Download.aspx?DocumentID=9AKK108472A9270&LanguageCode=en&DocumentPartId=pdf&Action=Launch for the patched release version; an exact fixed version number is not confirmed in the currently available data beyond the statement that versions through 2.0.175 are affected - upgrade to any version superseding 2.0.175 once ABB releases a corrected build. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-353 – Missing Support for Integrity Check
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-45179
GHSA-gvmv-64wv-hj9r