GCVE - cpe:2.3:a:silicon_labs:500_series:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:silicon_labs:500_series:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Silicon Labs (`e0e4a3d4-8910-5169-b452-cd7cc713af8f`)
Product	500 Series (`b6bb2df9-a935-5d33-9bf1-8edda663930b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-9061`	vulnerable	2026-06-03 14:43:12.622014	Details available Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service via malformed routing messages. Published: 2022-01-07T04:30:29.498Z Updated: 2024-09-17T03:28:48.882Z Open on db.gcve.eu Reference links https://kb.cert.org/vuls/id/142629 https://ieeexplore.ieee.org/document/9663293 https://github.com/CNK2100/VFuzz-public https://doi.org/10.1109/ACCESS.2021.3138768 https://www.kb.cert.org/vuls/id/142629	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-9060`	vulnerable	2026-06-03 14:43:12.614980	Details available Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited to the ZooZ ZST10 version 6.04, ZooZ ZEN20 version 5.03, ZooZ ZEN25 version 5.03, Aeon Labs ZW090-A version 3.95, and Fibaro FGWPB-111 version 4.3, are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages. Published: 2022-01-07T04:30:28.026Z Updated: 2024-09-16T16:33:05.408Z Open on db.gcve.eu Reference links https://kb.cert.org/vuls/id/142629 https://ieeexplore.ieee.org/document/9663293 https://github.com/CNK2100/VFuzz-public https://doi.org/10.1109/ACCESS.2021.3138768 https://www.kb.cert.org/vuls/id/142629	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-9059`	vulnerable	2026-06-03 14:43:12.607595	Details available Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level. Published: 2022-01-07T04:30:26.522Z Updated: 2024-09-16T19:25:18.358Z Open on db.gcve.eu Reference links https://kb.cert.org/vuls/id/142629 https://ieeexplore.ieee.org/document/9663293 https://github.com/CNK2100/VFuzz-public https://doi.org/10.1109/ACCESS.2021.3138768 https://www.kb.cert.org/vuls/id/142629	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-9058`	vulnerable	2026-06-03 14:43:12.601893	Details available Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection. Published: 2022-01-07T04:30:25.088Z Updated: 2024-09-16T23:41:50.495Z Open on db.gcve.eu Reference links https://kb.cert.org/vuls/id/142629 https://ieeexplore.ieee.org/document/9663293 https://github.com/CNK2100/VFuzz-public https://doi.org/10.1109/ACCESS.2021.3138768 https://www.kb.cert.org/vuls/id/142629	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.