What is CVE-2022-22809?

A medium-severity vulnerability in Schneider Electric's spaceLYnk, Wiser for KNX, and fellerLYnk products allows unauthorized modifications of touch configurations. Organizations should prioritize patching to mitigate potential risks.

What is the severity of CVE-2022-22809?

CVE-2022-22809 has a severity rating of MEDIUM with a CVSS base score of 5.3.

CVE-2022-22809 | Medium Vulnerability in Schneider Electric spaceLYnk, Wiser for KNX, and fellerLYnk

CVE-2022-22809 is a CWE-306 vulnerability, categorized as a Missing Authentication for Critical Function. This vulnerability allows modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify these configurations. The affected products include spaceLYnk (versions V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (versions V2.6.2 and prior), and fellerLYnk (versions V2.6.2 and prior). The severity of this vulnerability is classified as medium, with a CVSS score of 5.3.

Organizations utilizing these products face inherent risks, including potential unauthorized access to configuration settings, which could impact the functionality and security of the devices. The attack vector is network-based, with low complexity and no privileges required for exploitation, making it accessible to a broader range of potential attackers.

The urgency for defenders is high. Organizations should prioritize patching immediately to prevent unauthorized modifications and ensure the integrity of their configurations. No public exploit has been confirmed, but the ease of exploitation emphasizes the importance of swift remediation.

For those affected, the remediation involves updating to the latest firmware versions beyond V2.6.2. Schneider Electric has provided advisories detailing the necessary patches.

Vulnerability Details

The vulnerability allows modifications of touch configurations without proper authentication, which is a critical failure in security design. The CVSS score of 5.3 indicates a medium severity, and the vulnerability affects Schneider Electric's products, including spaceLYnk, Wiser for KNX, and fellerLYnk, all versions prior to 2.6.2. This vulnerability was published on February 9, 2022, and is categorized under CWE-306.

Technical Analysis

The root cause of this vulnerability is the lack of authentication for critical functions, which allows unauthorized users to alter touch configurations. The attack vector is network-based, and the complexity is low, requiring no privileges or user interaction. The impacts include partial integrity loss, as attackers can modify configurations without detection, while confidentiality and availability remain unaffected.

Risk & Impact Analysis

The risk to organizations includes unauthorized access to touch configurations, potentially compromising device functionality and security. This vulnerability may lead to broader attack surfaces, especially if exploited in networks where other critical systems are present. Given the CVSS score and the potential for exploitation, organizations should address this vulnerability in their priority patch cycle.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions include all versions up to and including 2.6.2 of spaceLYnk, Wiser for KNX, and fellerLYnk. Organizations should ensure they are operating versions beyond this to mitigate the vulnerability.

Mitigation & Remediation

Organizations should prioritize applying the latest patches provided by Schneider Electric to remediate this vulnerability. The recommended action is to upgrade to versions beyond 2.6.2. In cases where patches cannot be immediately applied, consider implementing network segmentation and monitoring to limit exposure.

Detection Guidance

Monitor logs for any unauthorized configuration changes or anomalies related to touch configurations. Implement behavioral monitoring to detect unusual access attempts that may indicate exploitation of this vulnerability.

AppSecure Threat Intelligence Insight

While no active exploitation has been reported, the potential for unauthorized modifications poses a significant risk to organizations using the affected Schneider Electric products. Security teams should be aware of the trends in vulnerabilities associated with critical functions and ensure that proper authentication mechanisms are in place.

For further insights and to bolster your security posture, consider reviewing our penetration testing methodology and our guide on vulnerability management programs to proactively address similar risks.

For comprehensive security assessments, organizations may also consider our penetration testing services to identify and remediate vulnerabilities effectively.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2022-22809: Medium Vulnerability in Schneider Electric spaceLYnk, Wiser for KNX, and fellerLYnk