1. Home
  2. CVE Database
  3. CVE-2020-7525
HIGH · 7.5

CVE-2020-7525

Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a pass...

Vulnerability Description

Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a password when brute force is used.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
Schneider-ElectricSpacelynk Firmware< 2.5.1
Schneider-ElectricSpacelynk-
Schneider-ElectricWiser For Knx Firmware< 2.5.1
Schneider-ElectricWiser For Knx-

Related Weaknesses (CWE)

CWE-307

References

FAQ

What is CVE-2020-7525?

CVE-2020-7525 is a vulnerability with a CVSS score of 7.5 (HIGH). Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a pass...

How severe is CVE-2020-7525?

CVE-2020-7525 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-7525?

Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Spacelynk Firmware, Schneider-Electric Spacelynk, Schneider-Electric Wiser For Knx Firmware, Schneider-Electric Wiser For Knx.