CVE-2024-7322 MEDIUM

CVE-2024-7322: Dos in ZigBee device due to unsolicited encrypted rejoin response

Vendor Silabs.com
Product EmberZNet
Weakness CWE-940
Published January 15, 2025
Last update April 20, 2026

CVSS base score

5.8/10
Attack vector Network
Attack complexity High
Privileges required High
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established

Key dates

02Disclosure timeline

January 15, 2025 CVE published
April 20, 2026 Record updated