PT-2022-7957 · Jung · Jung Smart Visu Server

T. Weber

Published

2022-06-22

Updated

2022-06-29

CVE-2017-20084

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions JUNG Smart Visu Server versions 1.0.804 through 1.0.832

Description A critical issue has been found in the KNX Group Address component, which can be manipulated to create a backdoor. This requires local access to execute the attack. The exploit has been publicly disclosed.

Recommendations For versions 1.0.804 through 1.0.832, upgrade to version 1.0.900 to address this issue.

Exploit

Fix

Hidden Functionality

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-912

Related Identifiers

CVE-2017-20084

Affected Products

Jung Smart Visu Server

PT-2022-7957 · Jung · Jung Smart Visu Server

CVE-2017-20084

Weakness Enumeration

Related Identifiers

Affected Products

References · 6