Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NODE_IN_RANGE frame with an invalid random payload, denying service by blocking the processing of upcoming events.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2022-01-09T04:15:13.118918Z

Updated: 2024-09-16T18:13:44.506Z

Reserved: 2020-03-05T00:00:00

Link: CVE-2020-10137

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-01-10T14:10:15.817

Modified: 2022-01-18T17:12:45.303

Link: CVE-2020-10137

cve-icon Redhat

No data.