Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for EmberZNet by silabs.com
CVE-2024-7322 (GCVE-0-2024-7322)
Vulnerability from nvd – Published: 2025-01-15 07:59 – Updated: 2026-04-20 15:10
VLAI
Title
Dos in ZigBee device due to unsolicited encrypted rejoin response
Summary
A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established
Severity
5.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-940 - Improper Verification of Source of a Communication Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.silabs.com/068Vm00000I7ri2 | vendor-advisorypermissions-required |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| silabs.com | EmberZNet |
Affected:
0 , < 7.3.3
(semver)
Affected: 7.4.0 , < 7.4.4 (semver) |
|
| silabs.com | EmberZNet |
Affected:
0 , < 8.1.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7322",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T14:46:49.430161Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T14:46:57.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "GSDK",
"product": "EmberZNet",
"vendor": "silabs.com",
"versions": [
{
"lessThan": "7.3.3",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "SiSDK",
"product": "EmberZNet",
"vendor": "silabs.com",
"versions": [
{
"lessThan": "8.1.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change\u0026nbsp;in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established"
}
],
"value": "A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change\u00a0in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established"
}
],
"impacts": [
{
"capecId": "CAPEC-176",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-176 Configuration/Environment Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-940",
"description": "CWE-940 Improper Verification of Source of a Communication Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-20T15:10:01.669Z",
"orgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
"shortName": "Silabs"
},
"references": [
{
"tags": [
"vendor-advisory",
"permissions-required"
],
"url": "https://community.silabs.com/068Vm00000I7ri2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Dos in ZigBee device due to unsolicited encrypted rejoin response",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
"assignerShortName": "Silabs",
"cveId": "CVE-2024-7322",
"datePublished": "2025-01-15T07:59:55.430Z",
"dateReserved": "2024-07-31T09:01:54.841Z",
"dateUpdated": "2026-04-20T15:10:01.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7322 (GCVE-0-2024-7322)
Vulnerability from cvelistv5 – Published: 2025-01-15 07:59 – Updated: 2026-04-20 15:10
VLAI
Title
Dos in ZigBee device due to unsolicited encrypted rejoin response
Summary
A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established
Severity
5.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-940 - Improper Verification of Source of a Communication Channel
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://community.silabs.com/068Vm00000I7ri2 | vendor-advisorypermissions-required |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| silabs.com | EmberZNet |
Affected:
0 , < 7.3.3
(semver)
Affected: 7.4.0 , < 7.4.4 (semver) |
|
| silabs.com | EmberZNet |
Affected:
0 , < 8.1.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7322",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T14:46:49.430161Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T14:46:57.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "GSDK",
"product": "EmberZNet",
"vendor": "silabs.com",
"versions": [
{
"lessThan": "7.3.3",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "7.4.4",
"status": "affected",
"version": "7.4.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "SiSDK",
"product": "EmberZNet",
"vendor": "silabs.com",
"versions": [
{
"lessThan": "8.1.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change\u0026nbsp;in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established"
}
],
"value": "A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change\u00a0in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established"
}
],
"impacts": [
{
"capecId": "CAPEC-176",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-176 Configuration/Environment Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-940",
"description": "CWE-940 Improper Verification of Source of a Communication Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-20T15:10:01.669Z",
"orgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
"shortName": "Silabs"
},
"references": [
{
"tags": [
"vendor-advisory",
"permissions-required"
],
"url": "https://community.silabs.com/068Vm00000I7ri2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Dos in ZigBee device due to unsolicited encrypted rejoin response",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
"assignerShortName": "Silabs",
"cveId": "CVE-2024-7322",
"datePublished": "2025-01-15T07:59:55.430Z",
"dateReserved": "2024-07-31T09:01:54.841Z",
"dateUpdated": "2026-04-20T15:10:01.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}