CVE-2020-9059

Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level.
References
Link Resource
https://doi.org/10.1109/ACCESS.2021.3138768 Broken Link
https://github.com/CNK2100/VFuzz-public Third Party Advisory
https://ieeexplore.ieee.org/document/9663293 Broken Link
https://kb.cert.org/vuls/id/142629 Third Party Advisory US Government Resource
https://www.kb.cert.org/vuls/id/142629 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:o:silabs:500_series_firmware:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:schlage:be468:3.42:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-01-10 14:10

Updated : 2024-02-28 18:48


NVD link : CVE-2020-9059

Mitre link : CVE-2020-9059

CVE.ORG link : CVE-2020-9059


JSON object : View

Products Affected

silabs

  • 500_series_firmware

schlage

  • be468
CWE
CWE-770

Allocation of Resources Without Limits or Throttling

CWE-400

Uncontrolled Resource Consumption