Z/IP Gateway 7.18.01 and Earlier: Authenticated Attacker Can Manipulate Array Pointer to Disclose Global Memory Contents

Z/IP Gateway 7.18.01 and Earlier: Authenticated Attacker Can Manipulate Array Pointer to Disclose Global Memory Contents

CVE-2023-0969 · LOW Severity

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory.

Learn more about our Web Application Penetration Testing UK.