Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within radio range during pairing to downgrade and then exploit a different vulnerability (CVE-2013-20003) to intercept and spoof traffic.
CVSS Information
N/A
Vulnerability Type
在会话协商时选择低安全性的算法(算法降级)
Vulnerability Title
Z-Wave 安全漏洞
Vulnerability Description
Z-Wave是一种主要用于家庭自动化的无线通信协议。它是一种网状网络,使用低耗能无线电波在设备与设备间进行通信,从而无线控制家中电器和其他设备,例如控制照明、安全系统、恒温器、窗户、锁、游泳池和车库门开启器。 Z-Wave设备存在安全漏洞,该漏洞源于Z-Wave规范要求S2安全性可以降级为S0或其他不太安全的协议,允许配对期间无线电范围内的攻击者可利用该漏洞降级,然后利用另一个漏洞(CVE-2013-20003)来拦截和欺骗流量。
CVSS Information
N/A
Vulnerability Type
N/A