PT-2024-25016 · Matter · Matter

Bela Genge · Published 2024-07-24 · Updated 2024-09-10 · CVE-2024-3297

CVSS v3.1: 6.5 (Medium)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Matter protocol versions prior to 1.1

Description

The issue is related to the Certificate Authenticated Session Establishment (CASE) protocol, which is used for establishing secure sessions between two devices. It allows an attacker to replay manipulated CASE Sigma1 messages, making the device unresponsive until it is power-cycled.

Recommendations

For Matter protocol versions prior to 1.1, consider disabling the Certificate Authenticated Session Establishment (CASE) protocol until a patch is available. Restrict access to the device to minimize the risk of exploitation. Avoid using the device until the issue is resolved.

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

CVE-2024-3297

Affected Products

Matter