ID

VAR-202201-0274


CVE

CVE-2020-9060


TITLE

Silicon Labs Z-Wave chipsets contain multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#142629

DESCRIPTION

Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited to the ZooZ ZST10 version 6.04, ZooZ ZEN20 version 5.03, ZooZ ZEN25 version 5.03, Aeon Labs ZW090-A version 3.95, and Fibaro FGWPB-111 version 4.3, are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages.

Various Silicon Labs Z-Wave chipsets do not support encryption, can be downgraded to not use weaker encryption, and are vulnerable to denial of service. Some of these vulnerabilities are inherent in Z-Wave protocol specifications.

CVE-2020-10137: Unknown
CVE-2020-9057: Affected. Vendor Statement: This is a known weakness with unencrypted traffic. S0 and S2 security can encrypt application data.
CVE-2020-9058: Affected. Vendor Statement: This is a known weakness with unencrypted traffic. S0 and S2 can encrypt application data.
CVE-2020-9059: Affected. Vendor Statement: This is a known weakness with S0 security.
CVE-2020-9060: Affected. Vendor Statement: This is a known weakness with S2 security.
CVE-2020-9061: Affected. Vendor Statement: This is a known weakness with S0 and S2 security.

Products from multiple vendors contain resource exhaustion vulnerabilities. They may be put into a denial-of-service (DoS) state.

Trust: 2.43

sources: NVD: CVE-2020-9060 // CERT/CC: VU#142629 // JVNDB: JVNDB-2021-017817 // VULHUB: VHN-187185

AFFECTED PRODUCTS

vendor: aeotec, model: zw090-a, scope: eq, version: 3.95

Trust: 1.0

vendor: zooz, model: zen25, scope: eq, version: 5.03

Trust: 1.0

vendor: silabs, model: 500 series, scope: eq, version: *

Trust: 1.0

vendor: fibaro, model: fgwpb-111, scope: eq, version: 4.3

Trust: 1.0

vendor: zooz, model: zst10, scope: eq, version: 6.04

Trust: 1.0

vendor: zooz, model: zen20, scope: eq, version: 5.03

Trust: 1.0

vendor: zooz, model: zen20, scope: -, version: -

Trust: 0.8

vendor: zooz, model: zen25, scope: -, version: -

Trust: 0.8

vendor: fibaro, model: fgwpb-111, scope: -, version: -

Trust: 0.8

vendor: Aeotec, model: z-stick gen5 +, scope: -, version: -

Trust: 0.8

vendor: silicon, model: 500 series, scope: -, version: -

Trust: 0.8

vendor: zooz, model: zst10, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-017817 // NVD: CVE-2020-9060

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-9060
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-9060
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202201-599
value: MEDIUM

Trust: 0.6

VULHUB: VHN-187185
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-9060
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-187185
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-9060
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2020-9060
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-187185 // JVNDB: JVNDB-2021-017817 // CNNVD: CNNVD-202201-599 // NVD: CVE-2020-9060

PROBLEMTYPE DATA

problemtype: CWE-400

Trust: 1.1

problemtype: CWE-346

Trust: 1.0

problemtype: Resource exhaustion (CWE-400) [NVD evaluation]

Trust: 0.8

sources: VULHUB: VHN-187185 // JVNDB: JVNDB-2021-017817 // NVD: CVE-2020-9060

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202201-599

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202201-599

PATCH

title: Top Page iotech Aeotec
url: https://www.fibaro.com/us/

Trust: 0.8

title: Silicon Labs Z-Wave Chipsets Remediation of resource management error vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178624

Trust: 0.6

title: VFuzz-public
url: https://github.com/CNK2100/VFuzz-public

Trust: 0.1

sources: VULMON: CVE-2020-9060 // JVNDB: JVNDB-2021-017817 // CNNVD: CNNVD-202201-599

EXTERNAL IDS

db: NVD, id: CVE-2020-9060

Trust: 4.2

db: CERT/CC, id: VU#142629

Trust: 3.3

db: JVN, id: JVNVU94598199

Trust: 0.8

db: JVNDB, id: JVNDB-2021-017817

Trust: 0.8

db: CNNVD, id: CNNVD-202201-599

Trust: 0.6

db: VULHUB, id: VHN-187185

Trust: 0.1

db: VULMON, id: CVE-2020-9060

Trust: 0.1

sources: CERT/CC: VU#142629 // VULHUB: VHN-187185 // VULMON: CVE-2020-9060 // JVNDB: JVNDB-2021-017817 // CNNVD: CNNVD-202201-599 // NVD: CVE-2020-9060

REFERENCES

url: https://github.com/cnk2100/vfuzz-public

Trust: 2.6

url: https://kb.cert.org/vuls/id/142629

Trust: 2.5

url: https://ieeexplore.ieee.org/document/9663293

Trust: 2.5

url: https://www.kb.cert.org/vuls/id/142629

Trust: 1.7

url: https://doi.org/10.1109/access.2021.3138768

Trust: 1.7

url: https://nvd.nist.gov/vuln/detail/cve-2020-9060

Trust: 1.4

url: http://jvn.jp/vu/jvnvu94598199/index.html

Trust: 0.8

sources: VULHUB: VHN-187185 // VULMON: CVE-2020-9060 // JVNDB: JVNDB-2021-017817 // CNNVD: CNNVD-202201-599 // NVD: CVE-2020-9060

CREDITS

This document was written by Timur Snoke and Art Manion.
Statement Date: June 30, 2020

Trust: 0.8

sources: CERT/CC: VU#142629

SOURCES

db: CERT/CC, id: VU#142629
db: VULHUB, id: VHN-187185
db: VULMON, id: CVE-2020-9060
db: JVNDB, id: JVNDB-2021-017817
db: CNNVD, id: CNNVD-202201-599
db: NVD, id: CVE-2020-9060

LAST UPDATE DATE

2024-08-14T14:18:11.282000+00:00


SOURCES UPDATE DATE

db: CERT/CC, id: VU#142629, date: 2022-01-09T00:00:00
db: VULHUB, id: VHN-187185, date: 2022-09-20T00:00:00
db: JVNDB, id: JVNDB-2021-017817, date: 2023-02-10T08:31:00
db: CNNVD, id: CNNVD-202201-599, date: 2022-01-19T00:00:00
db: NVD, id: CVE-2020-9060, date: 2022-09-20T17:16:46.377

SOURCES RELEASE DATE

db: CERT/CC, id: VU#142629, date: 2022-01-07T00:00:00
db: VULHUB, id: VHN-187185, date: 2022-01-10T00:00:00
db: JVNDB, id: JVNDB-2021-017817, date: 2023-02-10T00:00:00
db: CNNVD, id: CNNVD-202201-599, date: 2022-01-10T00:00:00
db: NVD, id: CVE-2020-9060, date: 2022-01-10T14:10:16.380