First published: Tue Oct 27 2020(Updated: )
The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. It crashes in zclParseInWriteCmd() and does not update the specific attribute's value.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ti Z-stack | =3.0.1 | |
Ti Cc2538 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Zigbee protocol implementation issue is CVE-2020-27890.
This vulnerability affects Texas Instruments CC2538 devices with Z-Stack 3.0.1.
The severity rating of CVE-2020-27890 is high with a score of 8.2.
This vulnerability causes a crash in zclParseInWriteCmd() when processing a ZCL Write Attributes No Response message, failing to update the specific attribute's value.
There is no information provided regarding a fix or patch for this vulnerability.