CVE-2024-7322

EPSS 0.12%
Veröffentlicht 15.01.2025 08:15:26
Zuletzt bearbeitet 20.04.2026 16:16:39
Quelle product-security@silabs.com
CVE-Watchlists
Login
Unerledigt
Login

Dos in ZigBee device due to unsolicited encrypted rejoin response

A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

CNA 2 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Herstellersilabs.com

≫

Produkt EmberZNet

Default Statusunaffected

Version 0

Version < 7.3.3

Status affected

Version 7.4.0

Version < 7.4.4

Status affected

Herstellersilabs.com

≫

Produkt EmberZNet

Default Statusunaffected

Version 0

Version < 8.1.0

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.299

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
product-security@silabs.com	5.8	1.3	4	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

CWE-940 Improper Verification of Source of a Communication Channel

The product establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin.

https://community.silabs.com/068Vm00000I7ri2

https://nvd.nist.gov/vuln/detail/CVE-2024-7322

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-7322

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-7322

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-7322