Vulnerability Description
Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Silabs | 500 Series Firmware | All versions |
| Schlage | Be468 | 3.42 |
Related Weaknesses (CWE)
References
- https://doi.org/10.1109/ACCESS.2021.3138768Broken Link
- https://github.com/CNK2100/VFuzz-publicThird Party Advisory
- https://ieeexplore.ieee.org/document/9663293Broken Link
- https://kb.cert.org/vuls/id/142629Third Party AdvisoryUS Government Resource
- https://www.kb.cert.org/vuls/id/142629Third Party AdvisoryUS Government Resource
- https://doi.org/10.1109/ACCESS.2021.3138768Broken Link
- https://github.com/CNK2100/VFuzz-publicThird Party Advisory
- https://ieeexplore.ieee.org/document/9663293Broken Link
- https://kb.cert.org/vuls/id/142629Third Party AdvisoryUS Government Resource
- https://www.kb.cert.org/vuls/id/142629Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2020-9059?
CVE-2020-9059 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 ve...
How severe is CVE-2020-9059?
CVE-2020-9059 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9059?
Check the references section above for vendor advisories and patch information. Affected products include: Silabs 500 Series Firmware, Schlage Be468.