CVE-2022-24611
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
22.1%
Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| silabs | zm5202_firmware | - | cpe:2.3:o:silabs:zm5202_firmware:-:*:*:*:*:*:*:* |
| silabs | zm5202 | - | cpe:2.3:h:silabs:zm5202:-:*:*:*:*:*:*:* |
| silabs | zm5101_firmware | - | cpe:2.3:o:silabs:zm5101_firmware:-:*:*:*:*:*:*:* |
| silabs | zm5101 | - | cpe:2.3:h:silabs:zm5101:-:*:*:*:*:*:*:* |
| silabs | sd3503_firmware | - | cpe:2.3:o:silabs:sd3503_firmware:-:*:*:*:*:*:*:* |
| silabs | sd3503 | - | cpe:2.3:h:silabs:sd3503:-:*:*:*:*:*:*:* |
| silabs | sd3502_firmware | - | cpe:2.3:o:silabs:sd3502_firmware:-:*:*:*:*:*:*:* |
| silabs | sd3502 | - | cpe:2.3:h:silabs:sd3502:-:*:*:*:*:*:*:* |
| silabs | zm5304_firmware | - | cpe:2.3:o:silabs:zm5304_firmware:-:*:*:*:*:*:*:* |
| silabs | zm5304 | - | cpe:2.3:h:silabs:zm5304:-:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
22.1%