First published: Mon Dec 27 2021(Updated: )
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Silabs 500 Series Firmware | ||
Schlage BE468 | =3.42 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Vulnerability CVE-2020-9059 is a vulnerability in Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication that allows for uncontrolled resource consumption leading to battery exhaustion.
The Schlage BE468 version 3.42 door lock is specifically affected by vulnerability CVE-2020-9059.
The severity of vulnerability CVE-2020-9059 is medium with a severity value of 6.5.
To fix vulnerability CVE-2020-9059, it is recommended to update the firmware of the affected Z-Wave devices based on Silicon Labs 500 series chipsets and use a newer version that addresses the issue.
Yes, here are some references for more information about vulnerability CVE-2020-9059: [1](https://doi.org/10.1109/ACCESS.2021.3138768), [2](https://github.com/CNK2100/VFuzz-public), [3](https://ieeexplore.ieee.org/document/9663293).