PT-2024-34457 · Silicon · Z-Wave Series 700/800

Carlos Kayembe Nkuba

Published

2024-12-10

Updated

2025-07-01

CVE-2024-50924

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Silicon Labs (SiLabs) Z-Wave Series 700 and 800 version 7.21.1

Description: The issue is related to insecure permissions in the affected software, allowing attackers to disrupt communications between the controller and the device by repeatedly sending crafted packets to the controller.

Recommendations: For Silicon Labs (SiLabs) Z-Wave Series 700 and 800 version 7.21.1, consider restricting access to the controller to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Preservation of Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-281

Related Identifiers

CVE-2024-50924

Affected Products

Z-Wave Series 700/800

PT-2024-34457 · Silicon · Z-Wave Series 700/800

CVE-2024-50924

Weakness Enumeration

Related Identifiers

Affected Products

References · 6