Insecure Permissions in SiLabs Z-Wave Series 700 and 800 Controllers
CVE-2024-50929

6.2MEDIUM

Key Information:

Vendor: Silicon Labs
Status: Z-Wave Series 700 and 800
Vendor: CVE Published:; 10 December 2024

🔔 Create Silicon Labs Vulnerability Alert

What is CVE-2024-50929?

The vulnerability in Silicon Labs Z-Wave Series 700 and 800 products stems from improper permissions, allowing unauthorized adjustments to the device type stored within the controller's memory. This manipulation can lead to disruptions in service, potentially rendering devices unusable. Organizations utilizing these devices should take immediate action to address this risk.

References

https://github.com/CNK2100/2024-CVE/blob/main/README.md

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2024

CVE-2024-50929 Data

JSON