Insecure Key Transport in ZigBee PRO: Vulnerability Exploitation and Device Takeover

Insecure Key Transport in ZigBee PRO: Vulnerability Exploitation and Device Takeover

CVE-2019-15911 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart home devices, and tamper with messages.

Learn more about our Web Application Penetration Testing UK.