SBA Security Advisory – KNX management software ETS – remote code execution vulnerability (CVE-2015-8299)

Vulnerability Overview

The vulnerability is caused by a buffer overflow in a memcpy operation when parsing specially crafted KNXnet/IP packets in the Group messages monitor (also known as Falcon). A corresponding proof-of-concept exploit, which was tested on an affected ETS version installed on Windows XP SP3, can be found below. It generates the UDP packet that triggers the vulnerability and should at least crash the application (it requires Python and scapy to run).

  • Type of Vulnerability: Buffer overflow vulnerability
  • CVE ID: CVE-2015-8299
  • Impact: Critical
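
The checks a KNXnet/IP receiver needs before any memcpy of packet data, as an added defensive example (this is not the advisory's proof-of-concept and not ETS or Falcon code). The page does not state which field the overflow involves; the struct, function name, buffer size and sample bytes are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KNX_HEADER_LEN 0x06  /* fixed KNXnet/IP header size */
#define KNX_PROTO_V1   0x10  /* KNXnet/IP protocol version 1.0 */
#define KNX_MAX_BODY   256   /* assumed capacity of the receiving buffer */

struct knx_frame {           /* hypothetical parsed-frame container */
    uint16_t service_type;
    uint16_t body_len;
    uint8_t  body[KNX_MAX_BODY];
};

/* Constructed sample datagrams, not captured traffic. */
static const uint8_t sample_ok[] = {0x06,0x10,0x05,0x30,0x00,0x08,0xAA,0xBB};
/* Header claims 500 bytes although only 8 arrived. */
static const uint8_t sample_lying_len[] = {0x06,0x10,0x05,0x30,0x01,0xF4,0xAA,0xBB};
/* Consistent length (263), but the body is one byte larger than the buffer. */
static const uint8_t sample_oversize[KNX_HEADER_LEN + KNX_MAX_BODY + 1] = {0x06,0x10,0x05,0x30,0x01,0x07};

/* Returns 0 on success, a negative code when the datagram is rejected. */
int knx_parse(const uint8_t *pkt, size_t pkt_len, struct knx_frame *out)
{
    if (!pkt || !out || pkt_len < KNX_HEADER_LEN)
        return -1;                       /* truncated header */
    if (pkt[0] != KNX_HEADER_LEN || pkt[1] != KNX_PROTO_V1)
        return -2;                       /* not a KNXnet/IP v1.0 header */
    size_t total = ((size_t)pkt[4] << 8) | pkt[5];
    if (total < KNX_HEADER_LEN || total != pkt_len)
        return -3;                       /* length field disagrees with datagram */
    size_t body_len = total - KNX_HEADER_LEN;
    if (body_len > sizeof out->body)
        return -4;                       /* would overrun the destination */
    out->service_type = (uint16_t)((pkt[2] << 8) | pkt[3]);
    out->body_len = (uint16_t)body_len;
    memcpy(out->body, pkt + KNX_HEADER_LEN, body_len);  /* length proven safe */
    return 0;
}

int main(void)
{
    struct knx_frame f;
    printf("ok=%d lying=%d oversize=%d\n",
           knx_parse(sample_ok, sizeof sample_ok, &f),
           knx_parse(sample_lying_len, sizeof sample_lying_len, &f),
           knx_parse(sample_oversize, sizeof sample_oversize, &f));
    return 0;
}
```

The copy length is derived only after the header's length field has been reconciled with the number of bytes actually received and with the destination's capacity, so neither an inflated length field nor an oversized datagram reaches memcpy.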

Links

Full Security Advisory

Credits