Authentication Bypass and Remote Administration Vulnerability in SiLabs Z/IP Gateway SDK

Authentication Bypass and Remote Administration Vulnerability in SiLabs Z/IP Gateway SDK

CVE-2023-0971 · HIGH Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.

Learn more about our Web Application Penetration Testing UK.