What is the vulnerability ID for this vulnerability?

The vulnerability ID for this vulnerability is CVE-2021-22735.

What is the affected software for this vulnerability?

The affected software for this vulnerability includes Schneider-electric Spacelynk Firmware versions up to and including 2.6.0, and Schneider-electric Homelynk Firmware versions up to and including 2.6.0.

What is the severity of CVE-2021-22735?

The severity of CVE-2021-22735 is high, with a severity value of 7.2.

How can this vulnerability be exploited?

This vulnerability can be exploited by copying unauthorized code to the device, which could allow remote code execution.

Is Schneider-electric Spacelynk vulnerable to this vulnerability?

No, Schneider-electric Spacelynk is not vulnerable to this vulnerability.

Is Schneider-electric Homelynk vulnerable to this vulnerability?

No, Schneider-electric Homelynk is not vulnerable to this vulnerability.

What is the Common Weakness Enumeration (CWE) ID for this vulnerability?

The Common Weakness Enumeration (CWE) ID for this vulnerability is CWE-347.

Where can I find more information about this vulnerability?

You can find more information about this vulnerability at the following link: [https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04](https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04)

Vulnerability/
CVE-2021-22735

high

7.2

CWE

347

26/5/2021

3/8/2024

CVE-2021-22735

Q: What is the title of this vulnerability?

The title of this vulnerability is 'Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and…'.

Q: What is the description of this vulnerability?

The description of this vulnerability is: 'Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device.'

First published: Wed May 26 2021(Updated: )

Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device.

Credit: cybersecurity@se.com

Affected Software	Affected Version	How to fix
Schneider-electric Spacelynk Firmware	<=2.6.0
Schneider-electric Spacelynk
Schneider-electric Homelynk Firmware	<=2.6.0
Schneider-electric Homelynk

Never miss a vulnerability like this again

Reference Links

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04

Frequently Asked Questions

What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-22735.
What is the title of this vulnerability?
The title of this vulnerability is 'Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and…'.
What is the description of this vulnerability?
The description of this vulnerability is: 'Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device.'
What is the affected software for this vulnerability?
The affected software for this vulnerability includes Schneider-electric Spacelynk Firmware versions up to and including 2.6.0, and Schneider-electric Homelynk Firmware versions up to and including 2.6.0.
What is the severity of CVE-2021-22735?
The severity of CVE-2021-22735 is high, with a severity value of 7.2.
How can this vulnerability be exploited?
This vulnerability can be exploited by copying unauthorized code to the device, which could allow remote code execution.
Is Schneider-electric Spacelynk vulnerable to this vulnerability?
No, Schneider-electric Spacelynk is not vulnerable to this vulnerability.
Is Schneider-electric Homelynk vulnerable to this vulnerability?
No, Schneider-electric Homelynk is not vulnerable to this vulnerability.
What is the Common Weakness Enumeration (CWE) ID for this vulnerability?
The Common Weakness Enumeration (CWE) ID for this vulnerability is CWE-347.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability at the following link: [https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04](https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04)

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/weakness
agent/author
agent/last-modified-date
agent/severity
agent/tags
agent/description
agent/first-publish-date
agent/event
agent/source
vendor/schneider-electric
canonical/schneider-electric spacelynk firmware
version/schneider-electric spacelynk firmware/2.6.0
canonical/schneider-electric spacelynk
canonical/schneider-electric homelynk firmware
version/schneider-electric homelynk firmware/2.6.0
canonical/schneider-electric homelynk