Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. An attacker can also capture and replay Z-Wave traffic. Firmware upgrades cannot directly address this vulnerability as it is an issue with the Z-Wave specification for these legacy chipsets. One way to protect against this vulnerability is to use 500 or 700 series chipsets that support Security 2 (S2) encryption. As examples, the Linear WADWAZ-1 version 3.43 and WAPIRZ-1 version 3.43 (with 300 series chipsets) are vulnerable.
CVSS Information
N/A
Vulnerability Type
敏感数据加密缺失
Vulnerability Title
Z-Wave 安全漏洞
Vulnerability Description
Z-Wave是一种主要用于家庭自动化的无线通信协议。它是一种网状网络,使用低耗能无线电波在设备与设备间进行通信,从而无线控制家中电器和其他设备,例如控制照明、安全系统、恒温器、窗户、锁、游泳池和车库门开启器。 Z-Wave 设备存在安全漏洞,该漏洞源于设备不支持加密,这使得在无线电范围内的攻击者能够控制或拒绝为脆弱设备提供服务。攻击者还可以捕获和重放Z-Wave流量
CVSS Information
N/A
Vulnerability Type
N/A