Skip to main content

Knx Update Tool Bje

1 CVEs product

Monthly

CVE-2026-12705 MEDIUM This Month

Missing firmware integrity verification in ABB KNX Update Tool versions through 2.0.175 allows an adjacent network attacker with low-privilege access to inject tampered updates onto KNX building automation devices, leading to high integrity and availability impact. The vulnerability (CWE-353) means the tool accepts update packages without cryptographic validation, enabling a man-in-the-middle or rogue-update attack on the KNX bus segment. No public exploit code or CISA KEV listing has been identified at time of analysis, and active exploitation has not been confirmed.

Abb Information Disclosure Knx Update Tool Abb Knx Update Tool Bje
NVD
CVSS 4.0
5.9
CVSS 5.9
MEDIUM This Month

Missing firmware integrity verification in ABB KNX Update Tool versions through 2.0.175 allows an adjacent network attacker with low-privilege access to inject tampered updates onto KNX building automation devices, leading to high integrity and availability impact. The vulnerability (CWE-353) means the tool accepts update packages without cryptographic validation, enabling a man-in-the-middle or rogue-update attack on the KNX bus segment. No public exploit code or CISA KEV listing has been identified at time of analysis, and active exploitation has not been confirmed.

Abb Information Disclosure Knx Update Tool Abb +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy