Ip Gateway SDK 7.18.01

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

silabs

CWE-863

NVD

Published: 2023-06-21

Updated: 2024-09-27

Summary

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.

Vulnerable Configurations

Part	Description	Count
Application	Silabs Silabs Z/Ip Gateway SDK - Silabs Z/Ip Gateway SDK 7.18.01	2

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1