{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-12-09T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program (e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.). Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending divided \"Nonce Get (0x98 0x81)\" frames. The reason for dividing the \"Nonce Get\" frame is that, in security version S0, when a node receives a \"Nonce Get\" frame, the node produces a random new nonce and sends it to the Src node of the received \"Nonce Get\" frame. After the nonce value is generated and transmitted, the node transitions to wait mode. At this time, when \"Nonce Get\" is received again, the node discards the previous nonce value and generates a random nonce again. Therefore, because the frame is encrypted with previous nonce value, the received normal frame cannot be decrypted."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-12-09T19:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/min1233/CVE/blob/master/2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-19983", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program (e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.). Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending divided \"Nonce Get (0x98 0x81)\" frames. The reason for dividing the \"Nonce Get\" frame is that, in security version S0, when a node receives a \"Nonce Get\" frame, the node produces a random new nonce and sends it to the Src node of the received \"Nonce Get\" frame. After the nonce value is generated and transmitted, the node transitions to wait mode. At this time, when \"Nonce Get\" is received again, the node discards the previous nonce value and generates a random nonce again. Therefore, because the frame is encrypted with previous nonce value, the received normal frame cannot be decrypted."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/min1233/CVE/blob/master/2", "refsource": "MISC", "url": "https://github.com/min1233/CVE/blob/master/2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T11:51:17.847Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/min1233/CVE/blob/master/2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-19983", "datePublished": "2018-12-09T19:00:00", "dateReserved": "2018-12-09T00:00:00", "dateUpdated": "2024-08-05T11:51:17.847Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:silabs:z-wave_s0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "22DA6D02-7743-4D79-96D7-5DBDF97D4ED6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:silabs:z-wave_s0:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FD6AAFA-091C-4CF1-B272-9B77DC77605E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:silabs:z-wave_s2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5FE4A9F9-E3AB-40BB-B11D-59A58DD038D3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:silabs:z-wave_s2:-:*:*:*:*:*:*:*", "matchCriteriaId": "845F081A-2499-4CB9-956D-7162AD3CD326", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program (e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.). Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending divided \"Nonce Get (0x98 0x81)\" frames. The reason for dividing the \"Nonce Get\" frame is that, in security version S0, when a node receives a \"Nonce Get\" frame, the node produces a random new nonce and sends it to the Src node of the received \"Nonce Get\" frame. After the nonce value is generated and transmitted, the node transitions to wait mode. At this time, when \"Nonce Get\" is received again, the node discards the previous nonce value and generates a random nonce again. Therefore, because the frame is encrypted with previous nonce value, the received normal frame cannot be decrypted."}, {"lang": "es", "value": "Se ha descubierto un problema en dispositivos Sigma Design Z-Wave, del S0 al S2. En primer lugar, un atacante prepara un programa de transmisi\u00f3n de frames Z-Wave (Z-Wave PC Controller, OpenZWave, CC1110, etc.). A continuaci\u00f3n, el atacante lleva a cabo un ataque de denegaci\u00f3n de servicio (DoS) contra el producto Z-Wave S0 Security mediante el env\u00edo continuado de frames \"Nonce Get (0x98 0x81)\" divididos. El motivo para dividir el frame \"Nonce Get\" es que, en la versi\u00f3n S0 de seguridad, cuando un nodo recibe el frame \"Nonce Get\", \u00e9ste produce un nuevo nonce aleatorio y lo env\u00eda al nodo Src del frame \"Nonce Get\" recibido. Una vez se ha generado y transmitido el valor del nonce, el nodo pasa a modo de espera. En este momento, cuando se vuelve a recibir \"Nonce Get\", el nodo descarta el nonce anterior y genera un nonce aleatorio de nuevo. Por lo tanto, debido a que el frame est\u00e1 cifrado con el valor del nonce anterior, el frame normal recibido no puede ser descifrado."}], "id": "CVE-2018-19983", "lastModified": "2024-11-21T03:58:56.373", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-12-09T19:29:00.530", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/min1233/CVE/blob/master/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/min1233/CVE/blob/master/2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-330"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}