Trådfri Smart Lighting System
Approved changes feed: RSS · Atom
cpe:2.3:a:ikea:trådfri_smart_lighting_system:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Ikea (e0a3692c-74c6-5b99-abd5-da334a32c45b) |
|---|---|
| Product | Trådfri Smart Lighting System (8a5f9b87-04c8-5946-bcd2-60f22a36180f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-39064 |
vulnerable | 2026-06-08 05:47:17.829042 |
Details available
An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI bulb blink, and if they replay (i.e. resend) the same frame multiple times, the bulb performs a factory reset. This causes the bulb to lose configuration information about the Zigbee network and current brightness level. After this attack, all lights are on with full brightness, and a user cannot control the bulbs with either the IKEA Home Smart app or the TRÅDFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score 7.1 vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Published: 2022-10-14T00:00:00.000Z
Updated: 2025-05-15T14:32:45.498Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.