Описание
Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection.
Ссылки
- Broken Link
- Third Party Advisory
- Broken Link
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Broken Link
- Third Party Advisory
- Broken Link
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:silabs:500_series_firmware:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:dome:dm501:4.26:*:*:*:*:*:*:*
cpe:2.3:o:jasco:zw4201:4.05:*:*:*:*:*:*:*
cpe:2.3:o:linear:lb60z-1:3.5:*:*:*:*:*:*:*
EPSS
Процентиль: 6%
0.00025
Низкий
8.1 High
CVSS3
4.8 Medium
CVSS2
Дефекты
CWE-311
CWE-311
Связанные уязвимости
github
около 4 лет назад
Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection.
EPSS
Процентиль: 6%
0.00025
Низкий
8.1 High
CVSS3
4.8 Medium
CVSS2
Дефекты
CWE-311
CWE-311