A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.
References
Link | Resource |
---|---|
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1 | Permissions Required |
Configurations
History
27 Sep 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-281 |
CWE-268 |
28 Jun 2023, 16:10
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1 - Permissions Required | |
CPE | cpe:2.3:a:silabs:z\/ip_gateway_sdk:*:*:*:*:*:*:*:* | |
First Time |
Silabs z\/ip Gateway Sdk
Silabs |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | CWE-863 |
21 Jun 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-21 20:15
Updated : 2024-09-27 17:15
NVD link : CVE-2023-0971
Mitre link : CVE-2023-0971
CVE.ORG link : CVE-2023-0971
JSON object : View
Products Affected
silabs
- z\/ip_gateway_sdk