Vulnerability in Z-Wave Devices from Sierra Designs and Silicon Labs
CVE-2013-20003

8.3HIGH

Key Information:

Vendor

Silicon Labs

Status
Z-wave
Vendor
CVE Published:
4 February 2022

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2013-20003?

Z-Wave devices manufactured by Sierra Designs and Silicon Labs prior to 2013 may leverage a common, known network key (all zeros), enabling attackers within radio range to simulate Z-Wave traffic. This flaw poses a significant risk as it could facilitate unauthorized access and manipulation of connected devices. Users should assess their setup for vulnerabilities related to such Z-Wave implementations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Z-Wave S0

Z-Wave S0

References

https://sensepost.com/cms/resources/conferences/2013/bh_z...
x_refsource_MISC
https://www.pentestpartners.com/security-blog/z-shave-exp...
x_refsource_MISC
https://orangecyberdefense.com/global/blog/sensepost/blac...
x_refsource_MISC

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.