Lucene search

[email protected]NVD:CVE-2023-29780

HistoryApr 24, 2023 - 7:15 p.m.

CVE-2023-29780

2023-04-2419:15:09

CWE-20

[email protected]

web.nvd.nist.gov

third reality smart blind

denial-of-service

vulnerability

zigbee

remote attacker

crashes

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

57.7%

JSON

Third Reality Smart Blind 1.00.54 contains a denial-of-service vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes.

Affected configurations

Nvd

Node

3reality3rsb015bzMatch-

AND

3reality3rsb015bz_firmwareMatch1.00.54

VendorProductVersionCPE
3reality3rsb015bz-cpe:2.3:h:3reality:3rsb015bz:-:*:*:*:*:*:*:*
3reality3rsb015bz_firmware1.00.54cpe:2.3:o:3reality:3rsb015bz_firmware:1.00.54:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
3reality	3rsb015bz	-	cpe:2.3:h:3reality:3rsb015bz:-:::::::*
3reality	3rsb015bz_firmware	1.00.54	cpe:2.3:o:3reality:3rsb015bz_firmware:1.00.54:::::::*

References

github.com/iot-sec23/IoT-CVE/blob/main/Third%20Reality%20Smart%20Blind%20Vulnerability%20Report.pdf

www.3reality.com/

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

57.7%

JSON

Related for NVD:CVE-2023-29780

cvelist1 cve1 prion1