PT-2024-34458 · Silicon · Z-Wave Series 700+1
Carlos Kayembe Nkuba
+3
·
Published
2024-12-10
·
Updated
2025-07-01
·
CVE-2024-50928
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Silicon Labs (SiLabs) Z-Wave Series 700 and 800 version 7.21.1
Description:
The issue is related to insecure permissions in the Silicon Labs Z-Wave Series 700 and 800, which allow attackers to modify the
wakeup interval of end devices in the controller's memory. This modification disrupts the device's communications with the controller.Recommendations:
For version 7.21.1, consider restricting access to the controller's memory to prevent unauthorized changes to the
wakeup interval until a fix is available. As a temporary workaround, review and secure the permissions settings to minimize the risk of exploitation.Exploit
Fix
Improper Preservation of Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Z-Wave Series 700
Z-Wave Series 800