CVE-2013-20003

High

Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros,…

certcc·CWE-327·Published 2022-02-04

CVSS

8.3

EPSS

0.01

KEV

Exploits

cve.orgen

199 chars

Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic.

NVDen

199 chars

Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic.

Los dispositivos Z-Wave de Sierra Designs (alrededor de 2013) y Silicon Labs (que usan seguridad S0) pueden usar una clave de red conocida y compartida de todos los ceros, lo que permite a un atacante dentro del rango de radio falsificar el tráfico Z-Wave

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.9	5.5	10.0	AV:A/AC:M/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	8.3	1.6	6.0	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H