HIGH🇬🇧 English

CVE-2021-22735

CVSS 7.2v3.1pub. 2021-05-26upd. 2024-11-21

Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Schneider Electric Homelynk

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Homelynk Firmware

    OS
    Schneider-Electric
    ≤ 2.6.0
  • Schneider Electric Spacelynk

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Spacelynk Firmware

    OS
    Schneider-Electric
    ≤ 2.6.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2022-22810CRITICAL9.8ten sam produkt

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an ...

CVE-2021-22738CRITICAL9.8ten sam produkt

Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYn...

CVE-2021-22737CRITICAL9.8ten sam produkt

Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and ...

CVE-2021-22806HIGH7.5ten sam produkt

A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration...

CVE-2022-22811HIGH8.1ten sam produkt

A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could induce users to perform unintende...