CVE-2020-9059

Sažetak

Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level.

Reference

https://github.com/CNK2100/VFuzz-public
https://kb.cert.org/vuls/id/142629
https://ieeexplore.ieee.org/document/9663293
https://doi.org/10.1109/ACCESS.2021.3138768
https://www.kb.cert.org/vuls/id/142629

CVSS

Base:	6.1
Impact:	6.9
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:A/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

20-09-2022 - 17:16

Objavljeno

10-01-2022 - 14:10