CVE-2020-9058

Summary

Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection.

Affected Software

VendorProductVersion RangeStatus
LinearLB60Z-13.5affected
DomeDM5014.26affected
JascoZW42014.05affected
Silicon Labs500 seriesallaffected

Weaknesses

  • CWE-311: CWE-311 Missing Encryption of Sensitive Data

ADP Enrichment

CVE Program Container

Additional References

References