CVE-2024-4009

Replay Attack in KNX Secure Devices

Description

Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System

References

Link	Tags
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108464A0803&LanguageCode=en&DocumentPartId=&Action=Launch	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2024-4009?: CVE-2024-4009 has been scored as a high severity vulnerability.
How to fix CVE-2024-4009?: To fix CVE-2024-4009, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-4009 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-4009 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-4009?: CVE-2024-4009 affects ABB, Busch-Jaeger 2.4! Display 55, SD/U12.55.11-825, ABB, Busch-Jaeger 2.4! Display 55, SD/SD/U12.55.1-825, ABB, Busch-Jaeger 2.4! Display 63, SD/U12.63.11-825, ABB, Busch-Jaeger RoomTouch 4", RT/U12.86.1-825, ABB, Busch-Jaeger RoomTouch 4", RT/U12.86.11-825, ABB, Busch-Jaeger 2,4'' Display 70, SD/U12.70.11-4015, ABB, Busch-Jaeger 2,4'' Display 70, SD-U12-70-1-4015, ABB, Busch-Jaeger RoomTouch 4", RT/U12.86.11-811, ABB, Busch-Jaeger RoomTouch 4", RT-U12-86-1-811, ABB, Busch-Jaeger BCU KNX, BA-U1.0.11, ABB, Busch-Jaeger BCU KNX, BA-U1.0.1, ABB, Busch-Jaeger BCU KNX, BA-U1.0.21.

Description

Category

CWE-294 – Authentication Bypass by Capture-replay

References

Frequently Asked Questions