Denial of Service Vulnerability in MDT KNXnet/IP Secure Router and IP Interface

Denial of Service Vulnerability in MDT KNXnet/IP Secure Router and IP Interface

CVE-2021-37740 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote attacker to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until the device is rebooted, via a SESSION_REQUEST frame with a modified total length field.

Learn more about our Web Application Penetration Testing UK.