Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NODE_IN_RANGE frame with an invalid random payload, denying service by blocking the processing of upcoming events.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2022-01-09T04:15:13.118918Z
Updated: 2024-09-16T18:13:44.506Z
Reserved: 2020-03-05T00:00:00
Link: CVE-2020-10137
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-01-10T14:10:15.817
Modified: 2022-01-18T17:12:45.303
Link: CVE-2020-10137
Redhat
No data.