CVE-2023-6533

EPSS 0.04%
Veröffentlicht 21.02.2024 20:15:46
Zuletzt bearbeitet 12.02.2025 16:57:31
Quelle product-security@silabs.com
Teams Watchlist Login
Unerledigt Login

Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the controller to assume the end device has left the network. After this, frames sent by the end device will not be acknowledged by the controller. This vulnerability exists in PC Controller v5.54.0, and earlier.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Silabs ≫ Z-wave Pc-based Controller Version <= 5.54

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.11

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
product-security@silabs.com	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-248 Uncaught Exception

An exception is thrown from a function, but it is not caught.

CWE-419 Unprotected Primary Channel

The product uses a primary channel for administration or restricted functionality, but it does not properly protect the channel.

https://community.silabs.com/068Vm000001HdNm

Permissions Required

https://nvd.nist.gov/vuln/detail/CVE-2023-6533

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-6533

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-6533

EUVD