Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NODE_IN_RANGE frame with an invalid random payload, denying service by blocking the processing of upcoming events.
[
{
"product": "UZB-7",
"vendor": "Silicon Labs",
"versions": [
{
"status": "affected",
"version": "7.00"
}
]
}
]