CVE-2023-41094

TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration This issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected
References
Link Resource
https://community.silabs.com/0688Y00000aIPzL Permissions Required
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:silabs:emberznet:*:*:*:*:*:*:*:*
cpe:2.3:a:silabs:emberznet:*:*:*:*:*:*:*:*

History

26 Sep 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-04 21:15

Updated : 2024-09-26 22:15


NVD link : CVE-2023-41094

Mitre link : CVE-2023-41094

CVE.ORG link : CVE-2023-41094


JSON object : View

Products Affected

silabs

  • emberznet
CWE
CWE-672

Operation on a Resource after Expiration or Release

CWE-772

Missing Release of Resource after Effective Lifetime

CWE-940

Improper Verification of Source of a Communication Channel