CVE-2023-6533 — MEDIUM (6.5)

Q: How severe is CVE-2023-6533?

CVE-2023-6533 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-6533?

Check the references section above for vendor advisories and patch information. Affected products include: Silabs Z-Wave Pc-Based Controller.

Vulnerability Description

Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the controller to assume the end device has left the network. After this, frames sent by the end device will not be acknowledged by the controller. This vulnerability exists in PC Controller v5.54.0, and earlier.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Silabs	Z-Wave Pc-Based Controller	<= 5.54

Related Weaknesses (CWE)

CWE-248 CWE-419

References

https://community.silabs.com/068Vm000001HdNmPermissions Required
https://community.silabs.com/068Vm000001HdNmPermissions Required

FAQ

What is CVE-2023-6533?

CVE-2023-6533 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the controller to assume the end device has left the network. After this, frames sent by the end device will...

How severe is CVE-2023-6533?

CVE-2023-6533 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-6533?

Check the references section above for vendor advisories and patch information. Affected products include: Silabs Z-Wave Pc-Based Controller.