CVE-2024-3051 HIGH

CVE-2024-3051: Z/IP Gateway Device Reset Locally Denial of Service Vulnerability

Vendor Silabs.com
Product Z/IP Gateway SDK
Weakness CWE-248
Published April 26, 2024
Last update September 27, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end device. Any frames sent by the end device will not be acknowledged by the gateway during this time.

Key dates

02Disclosure timeline

April 26, 2024 CVE published
September 27, 2024 Record updated