CVE-2021-27289

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix Zigbee Gateway Module = v1.0.3, Door Sensor = v1.0.7, Motion Sensor = v1.0.12, where the Zigbee anti-replay mechanism - based on the frame counter field - is improperly implemented. As a result, an attack...

CVE-2021-27289

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix Zigbee Gateway Module = v1.0.3, Door Sensor = v1.0.7, Motion Sensor = v1.0.12, where the Zigbee anti-replay mechanism - based on the frame counter field - is improperly implemented. As a result, an attack...

ZigBee 安全漏洞

ZigBee is a low-speed, short-range transmission wireless network protocol from the ZigBee open source. A security vulnerability exists in Zigbee version v1.0.3, which stems from an improper implementation of the Zigbee anti-replay mechanism and could lead to a replay attack...

CVE-2021-27289

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix Zigbee Gateway Module = v1.0.3, Door Sensor = v1.0.7, Motion Sensor = v1.0.12, where the Zigbee anti-replay mechanism - based on the frame counter field - is improperly implemented. As a result, an attack...

CVE-2021-27289

A replay attack vulnerability was discovered in a Zigbee smart home kit manufactured by Ksix Zigbee Gateway Module = v1.0.3, Door Sensor = v1.0.7, Motion Sensor = v1.0.12, where the Zigbee anti-replay mechanism - based on the frame counter field - is improperly implemented. As a result, an attack...

CVE-2021-27289

The CVE-2021-27289 entry concerns a replay-attack weakness in a Zigbee-based Ksix smart home kit. Affected components are Zigbee Gateway Module v1.0.3, Door Sensor v1.0.7, and Motion Sensor v1.0.12. The root cause is an improper implementation of Zigbee’s anti-replay mechanism (frame counter-base...

Linux Distros Unpatched Vulnerability : CVE-2015-6244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dissectzbeesecure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length...

CVE-2024-3043

An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee nodes to change their network identifier pan ID, leading to a denial of service. This packet type is not useful in production and should be used only for PHY qualification...

CVE-2024-7322

A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service DoS. To recover from this DoS, the network must be re-established...

CVE-2024-7322

A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service DoS. To recover from this DoS, the network must be re-established...

CVE-2024-7322

Silicon Labs EmberZNet Zigbee stack is affected: a Zigbee coordinator, router, or end device may change its node ID when it receives an unsolicited encrypted rejoin response, causing a Denial of Service (DoS). The DoS impact is network-wide and requires re-establishment of the network. Affected s...

CVE-2024-7322 Dos in ZigBee device due to unsolicited encrypted rejoin response

A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service DoS. To recover from this DoS, the network must be re-established...

CVE-2024-7322 Dos in ZigBee device due to unsolicited encrypted rejoin response

A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service DoS. To recover from this DoS, the network must be re-established...

Silicon Labs EmberZNet 访问控制错误漏洞

Silicon Labs EmberZNet is a complete Zigbee protocol package from Silicon Labs, Inc. that contains all the elements required for robust and reliable mesh networking applications on the Silicon Labs Ember platform. An access control error vulnerability exists in Silicon Labs EmberZNet, which stems...

PT-2025-3692 · Zigbee · Zigbee

Name of the Vulnerable Software and Affected Versions: ZigBee affected versions not specified Description: A ZigBee coordinator, router, or end device may change its node ID when it receives an unsolicited encrypted rejoin response. This change in node ID causes a Denial of Service DoS. To recove...

VulnCheck KEV: CVE-2024-11305

A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...

PT-2024-16897 · Altenergy · Altenergy Power Control

Name of the Vulnerable Software and Affected Versions: Altenergy Power Control Software versions up to 20241108 Description: A critical vulnerability has been found in the Altenergy Power Control Software, affecting the get status zigbee function of the file /index.php/display/status zigbee. The...

The vulnerability of Ember ZNet’s microprogramming software library for monitoring and controlling Sentron Powercenter 1000 allows a intruder to cause a service failure.

The vulnerability of Ember ZNet’s microprogramming software for monitoring and controlling energy systems in Sentron Powercenter 1000 lies in the possibility of manipulating the NWK serial number. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : wireshark (SUSE-SU-2024:3165-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3165-1 advisory. wireshark was updated from version 3.6.23 to version 4.2.6 jscPED-8517: - Security issues fixed...

openSUSE Security Advisory (SUSE-SU-2024:1865-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...