Browse all 3 CVE security advisories affecting Kieback&Peter. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kieback&Peter specializes in building management systems and IoT solutions for commercial buildings, with three CVEs recorded. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and insecure default configurations. The company's systems typically expose multiple network services with default credentials, increasing attack surfaces. While no major public security incidents have been documented, their CVE history suggests ongoing challenges in secure coding practices, particularly in web interfaces and communication protocols. Their installations in critical infrastructure environments make these vulnerabilities potentially impactful despite limited public reports of exploitation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-6225 | Command injection in Kieback&Peter Neutrino-GLT — Neutrino-GLTCWE-78 | 9.8 | - | 2026-01-07 |
| CVE-2024-43698 | Kieback&Peter DDC4000 Series Use of Weak Credentials — DDC4040eCWE-1391 | 9.8 | Critical | 2024-10-22 |
| CVE-2024-43812 | Kieback&Peter DDC4000 Series Path Traversal Insufficiently Protected Credentials — DDC4040eCWE-522 | 8.4 | High | 2024-10-22 |
This page lists every published CVE security advisory associated with Kieback&Peter. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.