Denial of Service Vulnerability in Silicon Labs ZigBee Devices
CVE-2024-7322

5.8MEDIUM

Key Information:

Vendor: Silabs.com
Status: Emberznet
Vendor: CVE Published:; 15 January 2025

What is CVE-2024-7322?

A vulnerability exists within Silicon Labs ZigBee devices where a change in node ID may occur upon receiving an unsolicited encrypted rejoin response. This change can lead to a denial of service condition, necessitating a complete re-establishment of the network for recovery.

Affected Version(s)

EmberZNet 0 < 7.4.4

EmberZNet 8.0.0 < 8.1.0

References

https://community.silabs.com/068Vm00000I7ri2

vendor-advisorypermissions-required

CVSS V3.1

Score:

5.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 15, 2025
Vulnerability Reserved
Jul 31, 2024

Silabs.com

What is CVE-2024-7322?

Affected Version(s)

References

CVSS V3.1

Timeline