CVE-2024-7322

Summary

A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established

Affected Software

VendorProductVersion RangeStatus
silabs.comEmberZNet0 < 7.3.3affected
silabs.comEmberZNet7.4.0 < 7.4.4affected
silabs.comEmberZNet0 < 8.1.0affected

Weaknesses

  • CWE-940: CWE-940 Improper Verification of Source of a Communication Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References