Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
silabs zm5202 firmware s2 vulnerabilities and exploits
(subscribe to this query)
7.9
CVSSv2
CVE-2013-20003
Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic.
Silabs Zgm130s037hgn Firmware S2
Silabs Zm5202 Firmware S2
Silabs Zm5101 Firmware S2
Silabs Zgm2305a27hgn Firmware S2
Silabs Zgm230sb27hgn Firmware S2
4.8
CVSSv2
CVE-2018-25029
The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within radio range during pairing to downgrade and then exploit a different vulnerability (CVE-2013-20003) to intercept and spoof traffic.
Silabs Zgm130s037hgn Firmware S2
Silabs Zm5202 Firmware S2
Silabs Zm5101 Firmware S2
Silabs Zgm2305a27hgn Firmware S2
Silabs Zgm230sb27hgn Firmware S2
6.1
CVSSv2
CVE-2022-24611
Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local malicious users to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs.
Silabs Zm5202 Firmware -
Silabs Zm5101 Firmware -
Silabs Sd3503 Firmware -
Silabs Sd3502 Firmware -
Silabs Zm5304 Firmware -
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started