CVE-2023-41094 (GCVE-0-2023-41094)

Vulnerability from cvelistv5 – Published: 2023-10-04 20:01 – Updated: 2024-09-26 21:39
VLAI?
Title
Touchlink authentication bypass due to packets processed after timeout or out of range in Ember ZNet
Summary
TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration This issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected
Severity ?
10 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-940 - Improper Verification of Source of a Communication Channel
Assigner
References
Impacted products
Vendor Product Version
Silicon Labs Ember ZNet Affected: 7.1.3 , ≤ 7.1.5 (7.1.x)
Affected: 7.2.0 , ≤ 7.2.3 (7.2.x)
Unaffected: 7.3.0
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:46:11.841Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://community.silabs.com/0688Y00000aIPzL"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-41094",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T19:10:01.864508Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T19:11:31.483Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "TouchLink"
          ],
          "platforms": [
            "32 bit",
            "ARM"
          ],
          "product": "Ember ZNet",
          "repo": "https://github.com/SiliconLabs/gecko_sdk",
          "vendor": "Silicon Labs",
          "versions": [
            {
              "lessThanOrEqual": "7.1.5",
              "status": "affected",
              "version": "7.1.3",
              "versionType": "7.1.x"
            },
            {
              "lessThanOrEqual": "7.2.3",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "7.2.x"
            },
            {
              "status": "unaffected",
              "version": "7.3.0"
            }
          ]
        }
      ],
      "datePublic": "2023-09-22T20:32:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration\u003c/span\u003e\n\n\u003cp\u003eThis issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration\n\nThis issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-629",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-629 Unauthorized Use of Device Resources"
            }
          ]
        },
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-940",
              "description": "CWE-940 Improper Verification of Source of a Communication Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-26T21:39:11.670Z",
        "orgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
        "shortName": "Silabs"
      },
      "references": [
        {
          "url": "https://community.silabs.com/0688Y00000aIPzL"
        }
      ],
      "source": {
        "advisory": "https://community.silabs.com/0688Y00000aIPzL",
        "discovery": "INTERNAL"
      },
      "title": "Touchlink authentication bypass due to packets processed after timeout or out of range in Ember ZNet",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
    "assignerShortName": "Silabs",
    "cveId": "CVE-2023-41094",
    "datePublished": "2023-10-04T20:01:16.250Z",
    "dateReserved": "2023-08-23T04:17:16.169Z",
    "dateUpdated": "2024-09-26T21:39:11.670Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://community.silabs.com/0688Y00000aIPzL\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T18:46:11.841Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-41094\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-19T19:10:01.864508Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-19T19:11:08.299Z\"}}], \"cna\": {\"title\": \"Touchlink authentication bypass due to packets processed after timeout or out of range in Ember ZNet\", \"source\": {\"advisory\": \"https://community.silabs.com/0688Y00000aIPzL\", \"discovery\": \"INTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-629\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-629 Unauthorized Use of Device Resources\"}]}, {\"capecId\": \"CAPEC-115\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-115 Authentication Bypass\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 10, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/SiliconLabs/gecko_sdk\", \"vendor\": \"Silicon Labs\", \"modules\": [\"TouchLink\"], \"product\": \"Ember ZNet\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.1.3\", \"versionType\": \"7.1.x\", \"lessThanOrEqual\": \"7.1.5\"}, {\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"7.2.x\", \"lessThanOrEqual\": \"7.2.3\"}, {\"status\": \"unaffected\", \"version\": \"7.3.0\"}], \"platforms\": [\"32 bit\", \"ARM\"], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2023-09-22T20:32:00.000Z\", \"references\": [{\"url\": \"https://community.silabs.com/0688Y00000aIPzL\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration\\n\\nThis issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eTouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration\u003c/span\u003e\\n\\n\u003cp\u003eThis issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected\u003cbr\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-940\", \"description\": \"CWE-940 Improper Verification of Source of a Communication Channel\"}]}], \"providerMetadata\": {\"orgId\": \"030b2754-1501-44a4-bef8-48be86a33bf4\", \"shortName\": \"Silabs\", \"dateUpdated\": \"2024-09-26T21:39:11.670Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-41094\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-26T21:39:11.670Z\", \"dateReserved\": \"2023-08-23T04:17:16.169Z\", \"assignerOrgId\": \"030b2754-1501-44a4-bef8-48be86a33bf4\", \"datePublished\": \"2023-10-04T20:01:16.250Z\", \"assignerShortName\": \"Silabs\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.