The vulnerability is a stack buffer overflow located in the method dali-devconfig. An attacker who already has user‑level access can trigger the overflow and obtain full root privileges on the device, leading to complete compromise of confidentiality, integrity, and availability.

The flaw impacts a range of MBS devices, including Double‑A Profibus, Double‑A x‑link, Double‑X CAN, Double‑X DALI, Double‑X KNX, Double‑X LON, Double‑X M‑Bus, Double‑X PROFINET, Double‑X x‑link, Single‑A, Single‑X, and the various Triple‑X combinations such as TRIPLE‑X KNX+DALI, TRIPLE‑X KNX+LON, TRIPLE‑X KNX+M‑Bus, and TRIPLE‑X PROFINET+DALI, TRIPLE‑X PROFINET+KNX, TRIPLE‑X PROFINET+LON, and TRIPLE‑X PROFINET+M‑Bus. No specific firmware versions are listed in the current data.

With a CVSS score of 8.7 the vulnerability is considered highly severe. The EPSS score is not available, so the likely exploitation probability cannot be quantified, but the attack vector is remote and requires an attacker to have user‑level privileges to reach the vulnerable interface. The vulnerability is not yet listed in CISA KEV. Because of the high impact and the ease of exploitation once a user session is established, the overall risk is significant and warrants urgent attention.