PT-2025-3692 · Zigbee · Zigbee

Published: 2025-01-15 · Updated: 2025-01-15 · CVE-2024-7322

CVSS v3.1: 5.8 (Medium)

Vector: AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: ZigBee (affected versions not specified)

Description: A ZigBee coordinator, router, or end device may change its node ID when it receives an unsolicited encrypted rejoin response. This change in node ID causes a Denial of Service (DoS). To recover from this DoS, the network must be re-established.

Recommendations: To resolve the issue, the network must be re-established after a Denial of Service (DoS) occurs. As a temporary workaround, consider disabling the reception of unsolicited encrypted rejoin responses until a fix is available. Restrict access to the network to minimize the risk of exploitation.

Fix

DoS

Origin Validation Error

Weakness Enumeration

Related Identifiers

CVE-2024-7322

Affected Products

Zigbee