CVE-2019-6832
First published: Tue Sep 17 2019(Updated: )
A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 2.4.0) and Wiser for KNX (all versions before 2.4.0 - formerly known as homeLYnk), which could cause loss of control when an attacker bypasses the authentication.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider-electric Wiser For Knx Firmware | <2.4.0 | |
| Schneider-electric Lss100100 | ||
| Schneider-electric Spacelynk Firmware | <2.4.0 | |
| Schneider-electric Lss100200 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this authentication vulnerability in spaceLYnk and Wiser for KNX?
The vulnerability ID for this authentication vulnerability in spaceLYnk and Wiser for KNX is CVE-2019-6832.
What is the severity of CVE-2019-6832?
CVE-2019-6832 has a severity rating of 8.3 (High).
Which software versions are affected by CVE-2019-6832?
All versions before 2.4.0 of spaceLYnk and Wiser for KNX are affected by CVE-2019-6832.
How can an attacker exploit this authentication vulnerability?
An attacker can exploit this authentication vulnerability by bypassing the authentication, which could cause a loss of control.
Is there a fix available for CVE-2019-6832?
Yes, a fix is available. Users should update to version 2.4.0 or later of spaceLYnk and Wiser for KNX.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/softwarecombine
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- agent/source
- vendor/schneider-electric
- canonical/schneider-electric wiser for knx firmware
- canonical/schneider-electric lss100100
- canonical/schneider-electric spacelynk firmware
- canonical/schneider-electric lss100200