Impact
Malformed IAS Zone enrollment messages can trigger an out‑of‑bounds write to the state table in EmberZNet v9.0.2 and earlier, causing the process to terminate. The vulnerability is a classic buffer overwrite (CWE‑787) that can be exploited remotely by any device that has already joined the network and supports the IAS Zone cluster.
Affected Systems
Silicon Labs EmberZNet firmware versions 9.0.2 and earlier are affected. The flaw only applies to devices that support the IAS Zone cluster; devices lacking this capability are not impacted.
Risk and Exploitability
The CVSS score is 7.1, indicating a high impact severity. Because EPSS is not available, the exact exploitation probability is unknown, but the flaw is listed outside of the CISA KEV catalog. An attacker must send a crafted IAS Zone enrollment message from a joined device; this action can cause a crash and deny service to the target device. No public exploit is documented.
OpenCVE Enrichment