PT-2021-21366 · Knx Ets · Knx Ets

Published: 2021-07-19 · Updated: 2024-08-04 · CVE-2021-36799

CVSS v3.1: 8.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

KNX ETS versions 5 through 5.7.6

Description

The issue allows local users to read project information due to the use of a hard-coded password ETS5Password with a salt value of Ivan Medvedev. This problem is specific to products that are no longer supported by the maintainer.

Recommendations

For KNX ETS versions 5 through 5.7.6, consider changing the hard-coded password ETS5Password to a unique and secure password to prevent unauthorized access to project information. As a temporary workaround, restrict local access to the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

CVE-2021-36799

Affected Products

Knx Ets