Z-Wave End Devices Vulnerable to Stack Buffer Overflow
CVE-2023-51395

8.8HIGH

Key Information:

Vendor: Silicon Labs
Status: Z-wave Sdk
Vendor: CVE Published:; 7 March 2024

🔔 Create Silicon Labs Vulnerability Alert

What is CVE-2023-51395?

A vulnerability has been identified in Silicon Labs Z-Wave end devices, which may allow unauthenticated attackers within range to exploit a stack buffer overflow. This vulnerability can lead to arbitrary code execution, potentially compromising the system's integrity and security. The flaw arises from improper handling of data, making it critical for users to ensure adequate security measures are in place to mitigate risks associated with unauthorized access.

Affected Version(s)

Z-Wave SDK ARM 7.20.0

Z-Wave SDK ARM 7.19.3

References

https://community.silabs.com/068Vm0000029Xq5

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 7, 2024
Vulnerability Reserved
Dec 18, 2023