CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-7322 – Dos in ZigBee device due to unsolicited encrypted rejoin response
https://notcve.org/view.php?id=CVE-2024-7322
15 Jan 2025 — A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established Un coordinador, enrutador o dispositivo final de ZigBee puede cambiar su ID de nodo cuando recibe una respuesta de reincorporación cifrada no solicitada. Este cambio en la ID del nodo provoca una denegación de servicio (DoS). Para recuperarse de esta denegación de ser... • https://community.silabs.com/068Vm00000I7ri2 • CWE-346: Origin Validation Error •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-41094 – Touchlink authentication bypass due to packets processed after timeout or out of range in Ember ZNet
https://notcve.org/view.php?id=CVE-2023-41094
04 Oct 2023 — TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration This issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected Los paquetes TouchLink procesados después del tiempo de espera o fuera del alcance debido a la operación de un recurso después de la c... • https://community.silabs.com/0688Y00000aIPzL • CWE-672: Operation on a Resource after Expiration or Release CWE-772: Missing Release of Resource after Effective Lifetime CWE-940: Improper Verification of Source of a Communication Channel •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24938 – Malformed Zigbee packet causes Assert in EmberZNet 7.0.1 or earlier
https://notcve.org/view.php?id=CVE-2022-24938
14 Nov 2022 — A malformed packet causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error. Un paquete con formato incorrecto provoca un desbordamiento de pila en la pila Ember ZNet. Esto provoca una afirmación que conduce a un reinicio, eliminando inmediatamente el error. • https://github.com/SiliconLabs/gecko_sdk • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24937 – Malformed Zigbee packet causes Assert in EmberZNet 7.0.0 or earlier
https://notcve.org/view.php?id=CVE-2022-24937
14 Nov 2022 — Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Silicon Labs Ember ZNet allows Overflow Buffers. Restricción inadecuada de operaciones dentro de los límites de una vulnerabilidad de búfer de memoria en Silicon Labs Ember ZNet permite desbordamiento de búferes. • https://github.com/SiliconLabs/gecko_sdk • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •