Unauthorized Access Vulnerability in EIBPORT KNX Products from ABB
CVE-2024-13967
9.4 CRITICAL
What is CVE-2024-13967?
This vulnerability affects EIBPORT V3 KNX products and allows attackers to gain unauthorized access to a critical configuration web page hosted on the integrated web server. Affected versions include EIBPORT V3 KNX and EIBPORT V3 KNX GSM prior to version 3.9.8. If not addressed appropriately, the flaw may lead to unauthorized modifications and potential exploitation.
Affected Version(s)
EIBPORT V3 KNX GSM 0 <= 3.9.8
EIBPORT V3 KNX 0 <= 3.9.8
References
CVSS V4
Score: 9.4
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: Unknown
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Psytester for describing the findings and helping to verify the resolving implementation
Frank van den Hurk for working with us to help protect customers