CVE-2015-8299

CRITICAL

KNX ETS 4.1.5 Build 3246 - Remote Code Execution via Crafted KNXnet/IP UDP Packet

Title source: manual
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-8299. PoCs published by kernoelpanic.

AI-analyzed exploit summary This repository contains a functional Python-based exploit for CVE-2015-8299, a buffer overflow vulnerability in KNX ETS4's Falcon.exe. The exploit uses ROP techniques to achieve remote code execution via crafted KNXnet/IP packets.

Description

Buffer overflow in the Group messages monitor (Falcon) in KNX ETS 4.1.5 (Build 3246) allows remote attackers to execute arbitrary code via a crafted KNXnet/IP UDP packet.

Exploits (1)

nomisec WORKING POC
by kernoelpanic · poc
https://github.com/kernoelpanic/CVE-2015-8299

This repository contains a functional Python-based exploit for CVE-2015-8299, a buffer overflow vulnerability in KNX ETS4's Falcon.exe. The exploit uses ROP techniques to achieve remote code execution via crafted KNXnet/IP packets.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: KNX ETS4 (Engineering Tool Software) 4.1.5 (Build 3246)
No auth needed
Prerequisites: Python with Scapy library · Root privileges for sending packets · Target running ETS4 with Group messages monitor active
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.1174
EPSS Percentile 93.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
knx/ets 4.1.5
Published Aug 29, 2017
Tracked Since Feb 18, 2026