CISA KEV Alert 7/15/2026, 10:31:59 PM

CISA alerts on active KNX flaw CVE‑2023‑4346, urges action

Developing story vulnerability 2 articles tracked
CISA adds KNX protocol flaw CVE-2023-4346 to Known Exploited Vulnerabilities catalogue
CyberSIXT Evidence Panel Source marked as original reporting
Primary Source cisa.gov
CISA KEV Listed in KEV
Patch Patch Status Unknown

ON 15 July 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE‑2023‑4346 to its Known Exploited Vulnerabilities (KEV) catalogue. The flaw affects the KNX Association’s KNX Protocol Connection Authorization Option 1. It is an overly restrictive account lockout mechanism that could allow an attacker to purge all devices without additional security options enabled and set a BCU key to lock the device.

The vulnerability is classified as an authentication bypass/authorization issue in the connection authorisation process. Successful exploitation enables an attacker to deny service by locking devices and to erase configuration data. The vulnerability carries a CVSS v3.1 base score of 7.5, rated HIGH. According to the supplementary data, a patch is not currently available.

Because the entry appears in the KEV catalogue, CISA confirms that the flaw is being actively exploited in the wild. No ransomware campaign has been linked to this CVE to date. Federal Civilian Executive Branch (FCEB) agencies must apply mitigations by the remediation due date of 29 July 2026.

CISA requires that affected organisations apply mitigations in accordance with vendor instructions, ensuring compliance with BOD 26‑04 Prioritizing Security Updates Based on Risk and the Forensics Triage Requirements. Where mitigations cannot be applied, agencies should follow BOD 26‑04 guidance for cloud services or discontinue use of the product. Stakeholders must assess each asset’s internet exposure and adhere to BOD 26‑04 patching guidelines.

While the directive binds FCEB agencies, all organisations are advised to review their exposure to the KNX Protocol Connection Authorization Option 1 and implement any available mitigations.

For full details, see the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2023-4346 and the CISA KEV catalogue.

View CISA KEV Entry

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline