First published: Wed Oct 04 2023(Updated: )
TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration This issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected
Credit: product-security@silabs.com product-security@silabs.com
Affected Software | Affected Version | How to fix |
---|---|---|
Silabs Emberznet | >=7.1.3<=7.1.5 | |
Silabs Emberznet | >=7.2.0<=7.2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2023-41094.
The title of this vulnerability is TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime.
The severity of CVE-2023-41094 is critical with a CVSS score of 9.8.
The affected software is Silabs Emberznet versions 7.1.3 to 7.1.5 and 7.2.0 to 7.2.3.
There is currently no known fix for this vulnerability. It is recommended to follow the suggestions provided by the vendor.