PT-2026-52402 · Silicon+1 · Ember Znet

Published

2026-06-25

Updated

2026-06-25

CVE-2026-47149

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

In EmberZNet v9.0.2 and earlier, malformed or out-of-range Door Lock user identifiers can trigger out-of-bounds table reads and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed. Only devices supporting the Door Lock cluster may be impacted.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2026-47149

Affected Products

Ember Znet

PT-2026-52402 · Silicon+1 · Ember Znet

CVE-2026-47149

Weakness Enumeration

Related Identifiers

Affected Products

References · 3