PT-2024-34456 · Silicon · Z-Wave Series 700+1
Carlos Kayembe Nkuba
+3
·
Published
2024-12-10
·
Updated
2025-07-01
·
CVE-2024-50921
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Silicon Labs (SiLabs) Z-Wave Series 700 and 800 version 7.21.1
Description:
The issue is related to insecure permissions in the Silicon Labs (SiLabs) Z-Wave Series 700 and 800, which allows attackers to cause a Denial of Service (DoS) by repeatedly sending crafted packets to the controller.
Recommendations:
For version 7.21.1, consider restricting access to the controller to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the vulnerable functionality that allows crafted packets to be sent to the controller.
Exploit
Fix
DoS
Improper Preservation of Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Z-Wave Series 700
Z-Wave Series 800