Information Exposure Vulnerability in homeLYnk and spaceLYnk Products by Schneider Electric
CVE-2021-22739

5.9MEDIUM

Key Information:

Vendor: Schneider Electric
Status: Homelynk (wiser For Knx) And Spacelynk V2.60 And Prior
Vendor: CVE Published:; 26 May 2021

Summary

An information exposure vulnerability has been identified in Schneider Electric's homeLYnk (Wiser For KNX) and spaceLYnk devices. This issue can potentially allow unauthorized access to sensitive information during the initial configuration of these devices, posing a risk of compromise if not adequately addressed. Users of affected versions should apply the necessary updates to mitigate this vulnerability.

Affected Version(s)

homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior

References

https://download.schneider-electric.com/files?p_Doc_Ref=S...

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 26, 2021
Vulnerability Reserved
Jan 6, 2021