Vulnerability Description
An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI bulb blink, and if they replay (i.e. resend) the same frame multiple times, the bulb performs a factory reset. This causes the bulb to lose configuration information about the Zigbee network and current brightness level. After this attack, all lights are on with full brightness, and a user cannot control the bulbs with either the IKEA Home Smart app or the TRÅDFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score 7.1 vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ikea | Tradfri Led1732G11 Firmware | - |
| Ikea | Tradfri Led1732G11 | - |
Related Weaknesses (CWE)
References
- https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smarThird Party Advisory
- https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smarThird Party Advisory
FAQ
What is CVE-2022-39064?
CVE-2022-39064 is a vulnerability with a CVSS score of 8.1 (HIGH). An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI bulb blink, and if they replay (i.e. resend) the same frame multiple times, the bulb performs a factory reset. Thi...
How severe is CVE-2022-39064?
CVE-2022-39064 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-39064?
Check the references section above for vendor advisories and patch information. Affected products include: Ikea Tradfri Led1732G11 Firmware, Ikea Tradfri Led1732G11.