CVE-2023-4489 - OpenCVE

The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access.

No CVSS v4.0

Attack Vector Physical

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Silabs	Z\/ip Gateway Sdk

Configuration 1 [-]

cpe:2.3:a:silabs:z\/ip_gateway_sdk:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/SiliconLabs/gecko_sdk
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000buWj0QAE?operationContext=S1

History

No history.

MITRE

Status: PUBLISHED

Assigner: Silabs

Published: 2023-12-14T23:00:29.693Z

Updated: 2024-08-02T07:31:05.899Z

Reserved: 2023-08-23T04:17:01.960Z

Link: CVE-2023-4489

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-12-14T23:15:07.400

Modified: 2023-12-28T20:26:06.050

Link: CVE-2023-4489

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4489", "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "state": "PUBLISHED", "assignerShortName": "Silabs", "dateReserved": "2023-08-23T04:17:01.960Z", "datePublished": "2023-12-14T23:00:29.693Z", "dateUpdated": "2024-08-02T07:31:05.899Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Z/IP Gateway SDK", "vendor": "silabs.com", "versions": [{"lessThanOrEqual": "7.18.3", "status": "affected", "version": "0", "versionType": "LessThan"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n\n\n<span style=\"background-color: rgb(255, 255, 255);\">The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. </span><span style=\"background-color: rgb(255, 255, 255);\">This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access.</span>\n\n<table><tbody><tr><td> </td></tr></tbody></table>\n\n"}], "value": "\n\n\nThe first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access.\n\n \n\n"}], "impacts": [{"capecId": "CAPEC-59", "descriptions": [{"lang": "en", "value": "CAPEC-59 Session Credential Falsification through Prediction"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-908", "description": "CWE-908 Use of Uninitialized Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "shortName": "Silabs", "dateUpdated": "2023-12-14T23:00:38.921Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000buWj0QAE?operationContext=S1"}, {"url": "https://github.com/SiliconLabs/gecko_sdk"}], "source": {"discovery": "UNKNOWN"}, "title": "Z/IP Gateway Use of Uninitialized PRNG when Generating S0 Encryption Key", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:31:05.899Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000buWj0QAE?operationContext=S1"}, {"url": "https://github.com/SiliconLabs/gecko_sdk", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:silabs:z\\/ip_gateway_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D5AB8BA-E003-4066-B60C-D63034DAF6ED", "versionEndIncluding": "7.18.03", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\n\n\nThe first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access.\n\n \n\n"}, {"lang": "es", "value": "La primera clave de cifrado S0 se genera con un PRNG no inicializado en productos Z/IP Gateway que ejecutan Silicon Labs Z/IP Gateway SDK v7.18.3 y versiones anteriores. Esto hace que la primera clave S0 generada al inicio sea predecible, lo que potencialmente permite la predicci\u00f3n de claves de red y el acceso no autorizado a la red S0."}], "id": "CVE-2023-4489", "lastModified": "2023-12-28T20:26:06.050", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "product-security@silabs.com", "type": "Secondary"}]}, "published": "2023-12-14T23:15:07.400", "references": [{"source": "product-security@silabs.com", "tags": ["Third Party Advisory"], "url": "https://github.com/SiliconLabs/gecko_sdk"}, {"source": "product-security@silabs.com", "tags": ["Permissions Required"], "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000buWj0QAE?operationContext=S1"}], "sourceIdentifier": "product-security@silabs.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-908"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-908"}], "source": "product-security@silabs.com", "type": "Secondary"}]}