CVE-2023-4346

HIGH KEV

KNX Connection Authorization - Device Lockout Denial of Service

Title source: manual
STIX 2.1

Exploitation Summary

CVE-2023-4346 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added July 15, 2026.

Description

KNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to being locked and users being unable to reset them to gain access to the device. The BCU key feature on the devices can be used to create a password for the device, but this password can often not be reset without entering the current password. If the device is configured to interface with a network, an attacker with access to that network could interface with the KNX installation, purge all devices without additional security options enabled, and set a BCU key, locking the device. Even if a device is not connected to a network, an attacker with physical access to the device could also exploit this vulnerability in the same way.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource government-resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-01

Scores

CVSS v3 7.5
EPSS 0.0048
EPSS Percentile 38.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable yes
Technical Impact partial

Details

CISA KEV 2026-07-15
VulnCheck KEV 2026-07-15
CWE
CWE-645
Status published
Products (2)
knx/connection_authorization
KNX Association/KNX Protocol Connection Authorization Option 1
Published Aug 29, 2023
KEV Added Jul 15, 2026
Tracked Since Feb 18, 2026