CVE-2025-8414 Zigbee Green Power Host Buffer Overflow Vulnerability

Due to improper input validation, a buffer overflow vulnerability is present in Zigbee EZSP Host Applications. If the buffer overflows, stack corruption is possible. In certain conditions, this could lead to arbitrary code execution. Access to a network key is required to exploit this vulnerabili...

ZigBee 安全漏洞

ZigBee is a low-speed, short-range transmission wireless networking protocol from the ZigBee open source. A security vulnerability exists in ZigBee that stems from improper input validation leading to a buffer overflow that could lead to stack corruption and arbitrary code execution...

EUVD-2016-3482

Malware in sbrugna...

EUVD-2022-41610

Malicious code in bioql PyPI...

CVE-2025-1221

A Zigbee Radio Co-Processor RCP, which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system CPCd due to heavy Zigbee traffic, resulting in a Denial of Service DoS attack, Only hard reset will bring the device to normal operation...

CVE-2016-2398

Comcast XFINITY Home Security System does not properly maintain base-station communication, which allows physically proximate attackers to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions...

CVE-2021-27289

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix Zigbee Gateway Module = v1.0.3, Door Sensor = v1.0.7, Motion Sensor = v1.0.12, where the Zigbee anti-replay mechanism - based on the frame counter field - is improperly implemented. As a result, an attack...

CVE-2021-27289

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix Zigbee Gateway Module = v1.0.3, Door Sensor = v1.0.7, Motion Sensor = v1.0.12, where the Zigbee anti-replay mechanism - based on the frame counter field - is improperly implemented. As a result, an attack...

CVE-2021-27289

The CVE-2021-27289 entry concerns a replay-attack weakness in a Zigbee-based Ksix smart home kit. Affected components are Zigbee Gateway Module v1.0.3, Door Sensor v1.0.7, and Motion Sensor v1.0.12. The root cause is an improper implementation of Zigbee’s anti-replay mechanism (frame counter-base...

CVE-2023-29779

Sengled Dimmer Switch V0.0.9 contains a denial of service DOS vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes. After receiving the malicious command, the device will keep reporting its status and finally drain its battery...

CVE-2023-29780

Third Reality Smart Blind 1.00.54 contains a denial-of-service vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes...

CVE-2022-39065

A single malformed IEEE 802.15.4 Zigbee frame makes the TRÅDFRI gateway unresponsive, such that connected lighting cannot be controlled with the IKEA Home Smart app and TRÅDFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices...

PT-2022-24707 · Ikea · Trådfri Gateway

Name of the Vulnerable Software and Affected Versions: TRÅDFRI gateway affected versions not specified Description: A single malformed IEEE 802.15.4 Zigbee frame can make the TRÅDFRI gateway unresponsive. This results in connected lighting being unable to be controlled with the IKEA Home Smart ap...

CVE-2015-8732

The dissectzclpwrprofpwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service out-of-bound...