What the vulnerability does

01Description

Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection.

Key dates

02Disclosure timeline

January 7, 2022 CVE published
September 16, 2024 Record updated