CVE-2023-4346: KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability
Summary
A vulnerability in the KNX Protocol Connection Authorization Option 1 allows attackers to purge devices and lock them with a BCU key. This could be exploited to gain unauthorized access and control over connected devices. Users are advised to apply vendor-provided mitigations and follow CISA's guidance on prioritizing security updates.
IFF Assessment
This vulnerability allows an attacker to purge devices and lock them, which is a direct compromise of system integrity and availability.
Severity
The CVSS score of 8.8 (High) is estimated due to the potential for an attacker to remotely gain control of devices (Attack Vector: Network), impacting Confidentiality, Integrity, and Availability. The ease of exploitation and significant impact contribute to this score.
CISA KEV: Listed as actively exploited. Federal patch due: July 29, 2026. Known ransomware use: Unknown.
Defender Context
Defenders need to be aware of this vulnerability in KNX devices, which are common in building automation systems. Successful exploitation could lead to widespread disruption and unauthorized control of critical infrastructure. Applying vendor patches and mitigations promptly is crucial, especially considering the federal due date for remediation.