Lucene search
K

73 matches found

CVE
CVE
added 2026/06/25 1:41 p.m.16 views

CVE-2026-47152

CVE-2026-47152 affects EmberZNet v9.0.2 and earlier. A malformed Level Control Move command (from a device already joined to the network, impacting devices that support the Level Control cluster) can trigger a divide-by-zero fault, terminating the process. Impact is aligned with the CVSS data: hi...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/25 1:41 p.m.5 views

EUVD-2026-39407

In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 1:41 p.m.33 views

CVE-2026-47152 Level Control Move divide-by-zero in EmberZNet v9.0.2

In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

7.1CVSS0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 1:40 p.m.5 views

EUVD-2026-39406

In EmberZNet v9.0.2 and earlier, malformed ClearWeekdaySchedule messages can trigger out-of-bounds writes into Door Lock schedule state. The size and location of this data is limited. These messages must come from a device that has already joined the network. Only devices supporting the Door Lock...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 1:40 p.m.24 views

CVE-2026-47151

In EmberZNet v9.0.2 and earlier, malformed ClearWeekdaySchedule messages can cause out-of-bounds writes in Door Lock schedule state. Impact: potential HIGH availability disruption and LOW integrity impact; no confidentiality change. These messages must originate from a device already joined to th...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/25 1:39 p.m.3 views

EUVD-2026-39405

In EmberZNet v9.0.2 and earlier, malformed IAS Zone enrollment messages can trigger an out-of-bounds state-table write and terminate the process. The size and location of this write is limited. These messages must come from a device that has already joined the network. Only devices supporting the...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 1:39 p.m.30 views

CVE-2026-47150 IAS Zone enroll invalid table index and write in EmberZNet 9.0.2

In EmberZNet v9.0.2 and earlier, malformed IAS Zone enrollment messages can trigger an out-of-bounds state-table write and terminate the process. The size and location of this write is limited. These messages must come from a device that has already joined the network. Only devices supporting the...

7.1CVSS0.00217EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 1:39 p.m.26 views

CVE-2026-47150

The advisory concerns EmberZNet v9.0.2 and earlier where malformed IAS Zone enrollment messages can trigger an out-of-bounds write to a state-table, terminating the process. The write’s size/location are bounded, and only messages from devices that have already joined the network affect devices s...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 1:38 p.m.31 views

CVE-2026-47149 Door Lock GetUserType invalid table index in EmberZNet v9.0.2

In EmberZNet v9.0.2 and earlier, malformed or out-of-range Door Lock user identifiers can trigger out-of-bounds table reads and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed. Only devic...

7.1CVSS0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 1:38 p.m.4 views

EUVD-2026-39404

In EmberZNet v9.0.2 and earlier, malformed or out-of-range Door Lock user identifiers can trigger out-of-bounds table reads and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed. Only devic...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 1:38 p.m.13 views

CVE-2026-47149

CVE-2026-47149 affects EmberZNet v9.0.2 and earlier: malformed or out-of-range Door Lock user identifiers can trigger out-of-bounds table reads, terminating the process. Impacts devices that have joined the network and support the Door Lock cluster. No information leakage to the sender was observ...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:38 p.m.5 views

CVE-2026-47149

In EmberZNet v9.0.2 and earlier, malformed or out-of-range Door Lock user identifiers can trigger out-of-bounds table reads and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed. Only devic...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 1:37 p.m.32 views

CVE-2026-47148 Groups GetGroupMembership count/list-length mismatch in EmberZNet v9.0.2

In EmberZNet v9.0.2 and earlier, malformed GetGroupMembership commands can trigger repeated reads past the end of the message payload and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed...

7.1CVSS0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 1:37 p.m.4 views

EUVD-2026-39403

In EmberZNet v9.0.2 and earlier, malformed GetGroupMembership commands can trigger repeated reads past the end of the message payload and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed...

7.1CVSS5.9AI score0.00249EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:37 p.m.12 views

CVE-2026-47148

In EmberZNet v9.0.2 and earlier, malformed GetGroupMembership commands can trigger repeated reads past the end of the message payload and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed...

7.1CVSS5.9AI score0.00249EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 1:37 p.m.16 views

CVE-2026-47148

CVE-2026-47148 affects EmberZNet v9.0.2 and earlier. Malformed GetGroupMembership commands can trigger reads past the end of the message payload, potentially terminating the process. The impact is observed on devices that have already joined the network and that support the Groups cluster; no inf...

7.1CVSS5.9AI score0.00249EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/25 1:36 p.m.15 views

CVE-2026-47147

The CVE affects EmberZNet (v9.0.2 and earlier) where the OTA server raw parser fails to validate per-field bounds in OTA requests. This can cause out-of-bounds reads of a limited amount of RAM, with the leaked data size/location constrained; exploitation requires the requester to be an already-jo...

7.1CVSS5.8AI score0.00231EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 1:36 p.m.31 views

CVE-2026-47147 OTA server raw parser missing per-field bounds validation in EmberZNet v9.0.2

In EmberZNet v9.0.2 and earlier, malformed OTA requests can drive the OTA server parser into out-of-bounds reads. A limited amount of data from RAM is read back to the requester. The size and location of this data is limited. These requests must come from a device that has already joined the...

7.1CVSS0.00231EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 1:36 p.m.5 views

EUVD-2026-39401

In EmberZNet v9.0.2 and earlier, malformed OTA requests can drive the OTA server parser into out-of-bounds reads. A limited amount of data from RAM is read back to the requester. The size and location of this data is limited. These requests must come from a device that has already joined the...

7.1CVSS5.8AI score0.00231EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:36 p.m.5 views

CVE-2026-47147

In EmberZNet v9.0.2 and earlier, malformed OTA requests can drive the OTA server parser into out-of-bounds reads. A limited amount of data from RAM is read back to the requester. The size and location of this data is limited. These requests must come from a device that has already joined the...

7.1CVSS5.8AI score0.00231EPSS
Exploits0References3
Rows per page
Query Builder