{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-7322", "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "state": "PUBLISHED", "assignerShortName": "Silabs", "dateReserved": "2024-07-31T09:01:54.841Z", "datePublished": "2025-01-15T07:59:55.430Z", "dateUpdated": "2025-09-16T16:06:38.502Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "GSDK", "product": "EmberZNet", "vendor": "silabs.com", "versions": [{"lessThan": "7.4.4", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "8.1.0", "status": "affected", "version": "8.0.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established"}], "value": "A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change\u00a0in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established"}], "impacts": [{"capecId": "CAPEC-176", "descriptions": [{"lang": "en", "value": "CAPEC-176 Configuration/Environment Manipulation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"description": "CWE- Improper Verification of Source of a Communication Channel", "lang": "en"}]}], "providerMetadata": {"orgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "shortName": "Silabs", "dateUpdated": "2025-09-16T16:06:38.502Z"}, "references": [{"tags": ["vendor-advisory", "permissions-required"], "url": "https://community.silabs.com/068Vm00000I7ri2"}], "source": {"discovery": "UNKNOWN"}, "title": "Dos in ZigBee device due to unsolicited encrypted rejoin response", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-15T14:46:49.430161Z", "id": "CVE-2024-7322", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-15T14:46:57.645Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-7322", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-15T14:46:49.430161Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-15T14:46:53.752Z"}}], "cna": {"title": "Dos in ZigBee device due to unsolicited encrypted rejoin response", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-176", "descriptions": [{"lang": "en", "value": "CAPEC-176 Configuration/Environment Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "silabs.com", "product": "EmberZNet", "versions": [{"status": "affected", "version": "0", "lessThan": "7.4.4", "versionType": "semver"}, {"status": "affected", "version": "8.0.0", "lessThan": "8.1.0", "versionType": "semver"}], "packageName": "GSDK", "defaultStatus": "unaffected"}], "references": [{"url": "https://community.silabs.com/068Vm00000I7ri2", "tags": ["vendor-advisory", "permissions-required"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change\u00a0in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established", "supportingMedia": [{"type": "text/html", "value": "A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE- Improper Verification of Source of a Communication Channel"}]}], "providerMetadata": {"orgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "shortName": "Silabs", "dateUpdated": "2025-09-16T16:06:38.502Z"}}}, "cveMetadata": {"cveId": "CVE-2024-7322", "state": "PUBLISHED", "dateUpdated": "2025-09-16T16:06:38.502Z", "dateReserved": "2024-07-31T09:01:54.841Z", "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "datePublished": "2025-01-15T07:59:55.430Z", "assignerShortName": "Silabs"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change\u00a0in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established"}, {"lang": "es", "value": "Un coordinador, enrutador o dispositivo final de ZigBee puede cambiar su ID de nodo cuando recibe una respuesta de reincorporaci\u00f3n cifrada no solicitada. Este cambio en la ID del nodo provoca una denegaci\u00f3n de servicio (DoS). Para recuperarse de esta denegaci\u00f3n de servicio, se debe restablecer la red."}], "id": "CVE-2024-7322", "lastModified": "2025-09-16T17:15:40.227", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 4.0, "source": "product-security@silabs.com", "type": "Secondary"}]}, "published": "2025-01-15T08:15:26.177", "references": [{"source": "product-security@silabs.com", "url": "https://community.silabs.com/068Vm00000I7ri2"}], "sourceIdentifier": "product-security@silabs.com", "vulnStatus": "Awaiting Analysis"}

{}