Oh my..
Maybe couple of updates and problem solved..or not.
1 Like
The last 3 seem the most significant - the other stuff is basically older chipsets don't contain encryption + S0 is overly chatty.
Here are the last 3:
CVE-2020-9060
Z-Wave devices based on Silicon Labs 500 series chipsets using S2 are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages.CVE-2020-9061
Z-Wave devices based on Silicon Labs 500 and 700 series chipsets are susceptible to denial of service via malformed routing messages.CVE-2020-10137
Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames.
However I don't use S2 encryption on most things.. and have Zigbee locks. 500 series Garage Relays etc could be an issue. Not sure what impact the last one on the list would have.
1 Like
