Vulnerability Details CVE-2023-5310
A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint devices running Z-Wave SDK v7.20.3 (Gecko SDK v4.3.3) and earlier. This attack can be carried out only by devices on the network sending a stream of packets to the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.9%
CVSS Severity
CVSS v3 Score 5.7
References
- https://github.com/SiliconLabs/gecko_sdk/releases
- https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm0000005E7EIAU?%20operationContext=S1
- https://github.com/SiliconLabs/gecko_sdk/releases
- https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm0000005E7EIAU?%20operationContext=S1
Products affected by CVE-2023-5310
-
cpe:2.3:a:silabs:z-wave_software_development_kit:-
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.17.1.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.17.2.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.18.0.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.18.1.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.18.2.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.18.3.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.18.4.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.18.6.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.19.0.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.19.1.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.19.2.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.19.3.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.19.4.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.20.0.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.20.1.0
-
cpe:2.3:a:silabs:z-wave_software_development_kit:7.20.2.0
-
cpe:2.3:h:silabs:z-wave_long_range_700:-
-
cpe:2.3:h:silabs:z-wave_long_range_800:-