CVE-2022-39065

A single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI gateway unresponsive, such that connected lighting cannot be controlled with the IKEA Home Smart app and TRÅDFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting-gateway/	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:ikea:tradfri_gateway_e1526_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ikea:tradfri_gateway_e1526:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-10-14 16:15

Updated : 2024-02-28 19:29

NVD link : CVE-2022-39065

Mitre link : CVE-2022-39065

CVE.ORG link : CVE-2022-39065

JSON object : View

Products Affected

ikea

tradfri_gateway_e1526_firmware
tradfri_gateway_e1526

CWE

NVD-CWE-Other CWE-241

Improper Handling of Unexpected Data Type

{"id": "CVE-2022-39065", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-10-14T16:15:19.243", "references": [{"url": "https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting-gateway/", "tags": ["Third Party Advisory"], "source": "disclosure@synopsys.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "disclosure@synopsys.com", "description": [{"lang": "en", "value": "CWE-241"}]}], "descriptions": [{"lang": "en", "value": "A single malformed IEEE 802.15.4 (Zigbee) frame makes the TR\u00c5DFRI gateway unresponsive, such that connected lighting cannot be controlled with the IKEA Home Smart app and TR\u00c5DFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, {"lang": "es", "value": "Una \u00fanica trama IEEE 802.15.4 (Zigbee) malformada hace que la pasarela TR\u00c5DFRI no responda, de modo que la iluminaci\u00f3n conectada no puede controlarse con la aplicaci\u00f3n IKEA Home Smart y el mando a distancia TR\u00c5DFRI. La trama Zigbee malformada es un mensaje de difusi\u00f3n no autenticado, lo que significa que todos los dispositivos vulnerables dentro del rango de radio est\u00e1n afectados. CVSS 3.1, Puntuaci\u00f3n Base 6.5, Vector CVSS: 3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}], "lastModified": "2022-10-18T14:08:59.637", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ikea:tradfri_gateway_e1526_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCEFB34F-7A58-4FFC-A8A2-42A369D271E3", "versionEndExcluding": "1.19.26"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ikea:tradfri_gateway_e1526:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FE61F613-9822-4B7D-BB22-15F6B0107DFB"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "disclosure@synopsys.com"}