CVE-2024-4009

Summary

Replay Attack

in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System

Affected Software

VendorProductVersion RangeStatus
ABB, Busch-Jaeger2.4! Display 55, SD/U12.55.11-8251.00affected
ABB, Busch-Jaeger2.4! Display 55, SD/SD/U12.55.1-8251.00affected
ABB, Busch-Jaeger2.4! Display 63, SD/U12.63.11-8251.00affected
ABB, Busch-JaegerRoomTouch 4", RT/U12.86.1-8251.00affected
ABB, Busch-JaegerRoomTouch 4", RT/U12.86.11-8251.00affected
ABB, Busch-Jaeger2,4’’ Display 70, SD/U12.70.11-40151.00affected
ABB, Busch-Jaeger2,4’’ Display 70, SD-U12-70-1-40151.00affected
ABB, Busch-JaegerRoomTouch 4", RT/U12.86.11-8111.00affected
ABB, Busch-JaegerRoomTouch 4", RT-U12-86-1-8111.00affected
ABB, Busch-JaegerBCU KNX, BA-U1.0.111.3.0.33affected
ABB, Busch-JaegerBCU KNX, BA-U1.0.11.3.0.33affected
ABB, Busch-JaegerBCU KNX, BA-U1.0.211.3.0.33affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References