Vulnerability Description
Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service via malformed routing messages.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aeotec | Zw090-A | 3.95 |
| Samsung | Sth-Eth-200 | 6.04 |
| Silabs | Uzb-7 | 7.00 |
| Zooz | Zst10 | 6.04 |
| Silabs | 500 Series Firmware | All versions |
| Silabs | 700 Series Firmware | - |
Related Weaknesses (CWE)
References
- https://doi.org/10.1109/ACCESS.2021.3138768Broken Link
- https://github.com/CNK2100/VFuzz-publicThird Party Advisory
- https://ieeexplore.ieee.org/document/9663293Broken Link
- https://kb.cert.org/vuls/id/142629Third Party AdvisoryUS Government Resource
- https://www.kb.cert.org/vuls/id/142629Third Party AdvisoryUS Government Resource
- https://doi.org/10.1109/ACCESS.2021.3138768Broken Link
- https://github.com/CNK2100/VFuzz-publicThird Party Advisory
- https://ieeexplore.ieee.org/document/9663293Broken Link
- https://kb.cert.org/vuls/id/142629Third Party AdvisoryUS Government Resource
- https://www.kb.cert.org/vuls/id/142629Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2020-9061?
CVE-2020-9061 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung S...
How severe is CVE-2020-9061?
CVE-2020-9061 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9061?
Check the references section above for vendor advisories and patch information. Affected products include: Aeotec Zw090-A, Samsung Sth-Eth-200, Silabs Uzb-7, Zooz Zst10, Silabs 500 Series Firmware.