Security Advisory – ABB KNX Secure Devices Vulnerabilities (CVE-2024-4008, CVE-2024-4009)

ABB has identified vulnerabilities in specific versions of KNX Secure Devices. The first flaw (CVE-2024-4008) involves a Factory Default Setup Key leak during commissioning, potentially allowing attackers to hijack communication. The second issue (CVE-2024-4009) allows replay attacks due to improper handling of sequence numbers during power failures. Firmware updates resolving these issues are available, and users are advised to update and follow recommended security practices.

For more details, refer to the full advisory in the document.