Vulnerabilities > CVE-2022-24611 - Unspecified vulnerability in Silabs products

CVSS 6.5 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

low complexity

silabs

NVD

Published: 2022-05-17

Updated: 2022-05-26

Summary

Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs.

Vulnerable Configurations

Part	Description	Count
OS	Silabs Silabs Zm5202 Firmware - Silabs Zm5101 Firmware - Silabs Sd3503 Firmware - Silabs Sd3502 Firmware - Silabs Zm5304 Firmware -	5
Hardware	Silabs Silabs Zm5202 - Silabs Zm5101 - Silabs Sd3503 - Silabs Sd3502 - Silabs Zm5304 -	5

References

https://github.com/ITSecLab-HSEL/CVE-2022-24611
http://z-wave.com