Vulnerabilities > CVE-2023-29779 - Unspecified vulnerability in Sengled E1E-G7F Firmware 0.0.9

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

sengled

NVD

Published: 2023-04-25

Updated: 2023-05-04

Summary

Sengled Dimmer Switch V0.0.9 contains a denial of service (DOS) vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes. After receiving the malicious command, the device will keep reporting its status and finally drain its battery after receiving the 'Set_short_poll_interval' command.

Vulnerable Configurations

Part	Description	Count
OS	Sengled Sengled E1E G7F Firmware 0.0.9	1
Hardware	Sengled Sengled E1E G7F -	1

References

https://us.sengled.com/
https://github.com/iot-sec23/IoT-CVE/blob/main/Sengled%20Dimmer%20Switch%20Vulnerability%20Report.pdf