Critical Alert 4 Active Exploits Detected Today

CVE-2026-56155 Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability →
CVE-2026-56164 Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability →
CVE-2026-15409 SonicWall SMA1000 Appliances Server-Side Request Forgery Vulnerability →
CVE-2026-15410 SonicWall SMA1000 Appliances Code Injection Vulnerability →
Powered by CVE Watchtower
×

CVE Watchtower


← Back to CVE List

CVE-2023-4346NVD

Vulnerability Summary


KNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to being locked and users being unable to reset them to gain access to the device. The BCU key feature on the devices can be used to create a password for the device, but this password can often not be reset without entering the current password. If the device is configured to interface with a network, an attacker with access to that network could interface with the KNX installation, purge all devices without additional security options enabled, and set a BCU key, locking the device. Even if a device is not connected to a network, an attacker with physical access to the device could also exploit this vulnerability in the same way.

Severity Level
HIGH(7.5)
Published Date
Aug 29, 2023
Last Modified
Jul 15, 2026
Exploitation Status
ACTIVE
EPSS Score (30-Day)
0.48%Probability
Root Weakness (CWE)
Refer to the official MITRE database for detailed architectural specifications regarding this weakness.
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh