Denial of Service Vulnerability in Zigbee Coordinator from Silicon Labs
CVE-2024-3043

Currently unrated

Key Information:

Vendor: Silicon Labs
Status: Zigbee Coordinator
Vendor: CVE Published:; 27 June 2024

🔔 Create Silicon Labs Vulnerability Alert

What is CVE-2024-3043?

An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet poses a significant risk to Zigbee networks by enabling the alteration of network identifiers (PAN ID) of connected nodes. This manipulation can lead to denial of service situations, disrupting the normal functionality of the affected network. Such packets, which should ideally be reserved for physical layer (PHY) qualification, can be exploited to impact operational integrity and connectivity within Zigbee deployments.

References

https://github.com/SiliconLabs/gecko_sdk

https://community.silabs.com/069Vm000005UCH0IAO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 27, 2024