Z-stack Security Vulnerabilities and Issues — Z-stack CVE List

Lucene search

TiZ-stack

4 matches found

CVE•added 2020/10/27 9:15 p.m.•50 views

CVE-2020-27892

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Discover Commands Received Response message or a ZCL Discover Commands Generated Response message. It crashes in zclParseInDiscCmdsRspCmd().

7.5CVSS7.5AI score0.00536EPSS

CVE•added 2020/10/27 9:15 p.m.•43 views

CVE-2020-27891

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Read Reporting Configuration Response message. It crashes in zclHandleExternal().

7.5CVSS7.5AI score0.00536EPSS

CVE•added 2021/09/20 8:15 p.m.•36 views

CVE-2020-16630

TI’s BLE stack caches and reuses the LTK’s property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that a victim mobile uses secure pairing ...

6.8CVSS6.5AI score0.00137EPSS

CVE•added 2020/10/27 9:15 p.m.•33 views

CVE-2020-27890

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. It crashes in zclParseInWriteCmd() and does not update the specific attribute's value.

8.2CVSS8.1AI score0.00468EPSS