GCVE - cpe:2.3:h:silabs:zm5101:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:silabs:zm5101:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Silabs (`23d6bce5-f2eb-5a47-a0ef-8e615f48c9bf`)
Product	Zm5101 (`447c37ea-7484-5389-872b-a554b6d08972`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-50931`	not_vulnerable	2026-06-03 14:57:25.461888	Details available Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insecure permissions. Published: 2024-12-10T00:00:00.000Z Updated: 2024-12-11T15:37:57.181Z Open on db.gcve.eu Reference links https://github.com/CNK2100/2024-CVE/blob/main/README.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-50930`	not_vulnerable	2026-06-03 14:57:25.460861	Details available An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to execute arbitrary code. Published: 2024-12-10T00:00:00.000Z Updated: 2024-12-11T21:16:48.205Z Open on db.gcve.eu Reference links https://github.com/CNK2100/2024-CVE/blob/main/README.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-24611`	not_vulnerable	2026-06-03 14:46:30.745640	Details available Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs. Published: 2022-05-17T17:28:19.000Z Updated: 2024-08-03T04:13:57.023Z Open on db.gcve.eu Reference links http://z-wave.com https://github.com/ITSecLab-HSEL/CVE-2022-24611	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-25029`	not_vulnerable	2026-06-03 14:38:40.667189	Details available The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within radio range during pairing to downgrade and then exploit a different vulnerability (CVE-2013-20003) to intercept and spoof traffic. Published: 2022-02-04T22:33:06.210Z Updated: 2024-09-17T03:32:57.132Z Open on db.gcve.eu Reference links https://www.pentestpartners.com/security-blog/z-shave-exploiting-z-wave-downgrade-attacks/ https://community.silabs.com/s/share/a5U1M000000knqNUAQ/updated-your-zwave-smart-locks-are-safe-and-secure	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-20003`	not_vulnerable	2026-06-03 14:32:53.114375	Details available Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic. Published: 2022-02-04T22:33:05.137Z Updated: 2024-09-16T22:10:27.914Z Open on db.gcve.eu Reference links https://sensepost.com/cms/resources/conferences/2013/bh_zwave/Security%20Evaluation%20of%20Z-Wave_WP.pdf https://www.pentestpartners.com/security-blog/z-shave-exploiting-z-wave-downgrade-attacks/ https://orangecyberdefense.com/global/blog/sensepost/blackhat-conference-z-wave-security/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.