CVE-2025-1221

CVE-2025-1221 affects Zigbee Radio Co-Processors using Silicon Labs EmberZNet Zigbee stack. The issue arises from heavy Zigbee traffic that prevents messages from being sent to the host system (CPCd), causing a Denial of Service. Practical impact is DoS with normal operation only restored by a ha...

CVE-2025-1221 DoS in Zigbee device due to heavy traffic

A Zigbee Radio Co-Processor RCP, which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system CPCd due to heavy Zigbee traffic, resulting in a Denial of Service DoS attack, Only hard reset will bring the device to normal operation...

Silicon Labs Zigbee EmberZNet SDK 安全漏洞

Silicon Labs Zigbee EmberZNet SDK is a software development kit for developing Zigbee networks from Silicon Labs, Inc. A security vulnerability exists in the Silicon Labs Zigbee EmberZNet SDK that stems from improper handling of buffer management API error states, which could lead to a data...

PT-2025-31378 · Silicon · Ember Znet

Name of the Vulnerable Software and Affected Versions: SiLabs EmberZNet Zigbee stack affected versions not specified Description: Failure to handle error statuses returned by the buffer management APIs may result in data leaks or a potential Denial of Service DoS. Recommendations: At the moment,...

Silicon Labs Zigbee EmberZNet SDK 安全漏洞

Silicon Labs Zigbee EmberZNet SDK is a software development kit for developing Zigbee networks from Silicon Labs, Inc. A security vulnerability exists in the Silicon Labs Zigbee EmberZNet SDK that stems from high traffic resulting in a message delivery failure that could lead to a denial of servi...

PT-2025-31377 · Silicon · Ember Znet

Name of the Vulnerable Software and Affected Versions: SiLabs EmberZNet Zigbee stack affected versions not specified Description: A Zigbee Radio Co-Processor RCP using the SiLabs EmberZNet Zigbee stack was unable to send messages to the host system CPCd due to heavy Zigbee traffic. This resulted ...

The Trip to ZigBee Backscatter across a Decade, a Systematic Review

The field of backscatter communication has undergone a profound transformation, evolving from a niche technology for radio-frequency identification RFID into a sophisticated paradigm poised to enable a truly battery-free Internet of Things IoT. This evolution is built upon a deepening understandi...

CVE-2024-7322

A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service DoS. To recover from this DoS, the network must be re-established...

CVE-2023-24678

A vulnerability in Centralite Pearl Thermostat 0x04075010 allows attackers to cause a Denial of Service DoS via a crafted Zigbee message...

CVE-2022-39065

A single malformed IEEE 802.15.4 Zigbee frame makes the TRÅDFRI gateway unresponsive, such that connected lighting cannot be controlled with the IKEA Home Smart app and TRÅDFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices...

CVE-2022-39064

An attacker sending a single malformed IEEE 802.15.4 Zigbee frame makes the TRÅDFRI bulb blink, and if they replay i.e. resend the same frame multiple times, the bulb performs a factory reset. This causes the bulb to lose configuration information about the Zigbee network and current brightness...

CVE-2020-27891

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Read Reporting Configuration Response message. It crashes in zclHandleExternal...

CVE-2020-27890

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. It crashes in zclParseInWriteCmd and does not update the specific attribute's value...

CVE-2019-15911

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart home devices, and...

CVE-2019-15912

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks...

CVE-2019-15910

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack...

CVE-2019-15914

An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks...

CVE-2019-15913

An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Because of insecure key transport in ZigBee communication, causing attackers to gain sensitive information and denial of service attack, take over smart home devices, and tamper with messages...

CVE-2019-15915

An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, RTCGQ01LM devices. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack...

CVE-2016-2398

Comcast XFINITY Home Security System does not properly maintain base-station communication, which allows physically proximate attackers to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions...