Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic.
oryginał ENCVSS Vector
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HSilabs Zgm130s037hgn
HWSilabswszystkie wersjeSilabs Zgm130s037hgn Firmware
OSSilabss2Silabs Zgm2305a27hgn
HWSilabswszystkie wersjeSilabs Zgm2305a27hgn Firmware
OSSilabss2Silabs Zgm230sb27hgn
HWSilabswszystkie wersjeSilabs Zgm230sb27hgn Firmware
OSSilabss2Silabs Zm5101
HWSilabswszystkie wersjeSilabs Zm5101 Firmware
OSSilabss2Silabs Zm5202
HWSilabswszystkie wersjeSilabs Zm5202 Firmware
OSSilabss2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Referencje
Powiązane podatności
CVE-2024-50920HIGH8.8ten sam produkt
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to create a fa...
CVE-2024-50930HIGH8.8ten sam produkt
An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to execute arbitrary code.
CVE-2018-25029HIGH8.1ten sam produkt
The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, all...
CVE-2024-50928MEDIUM6.5ten sam produkt
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to change the ...
CVE-2024-50929MEDIUM6.2ten sam produkt
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to arbitrarily...