CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-9058

Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.4%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 4.8

References

https://doi.org/10.1109/ACCESS.2021.3138768
https://github.com/CNK2100/VFuzz-public
https://ieeexplore.ieee.org/document/9663293
https://kb.cert.org/vuls/id/142629
https://www.kb.cert.org/vuls/id/142629
https://doi.org/10.1109/ACCESS.2021.3138768
https://github.com/CNK2100/VFuzz-public
https://ieeexplore.ieee.org/document/9663293
https://kb.cert.org/vuls/id/142629
https://www.kb.cert.org/vuls/id/142629

Products affected by CVE-2020-9058

Dome » Dm501 » Version: 4.26

cpe:2.3:o:dome:dm501:4.26
Jasco » Zw4201 » Version: 4.05

cpe:2.3:o:jasco:zw4201:4.05
Linear » Lb60z-1 » Version: 3.5

cpe:2.3:o:linear:lb60z-1:3.5
Silabs » 500 Series Firmware » Version: Any

cpe:2.3:o:silabs:500_series_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-9058

Products

Pricing

Contact Us