Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-50931

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-10 Dec, 2024 | 00:00
Updated At-11 Dec, 2024 | 15:37
Rejected At-
Credits

Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insecure permissions.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:10 Dec, 2024 | 00:00
Updated At:11 Dec, 2024 | 15:37
Rejected At:
▼CVE Numbering Authority (CNA)

Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insecure permissions.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/CNK2100/2024-CVE/blob/main/README.md
N/A
Hyperlink: https://github.com/CNK2100/2024-CVE/blob/main/README.md
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-281CWE-281 Improper Preservation of Permissions
Type: CWE
CWE ID: CWE-281
Description: CWE-281 Improper Preservation of Permissions
Metrics
VersionBase scoreBase severityVector
3.14.6MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:10 Dec, 2024 | 19:15
Updated At:01 Jul, 2025 | 14:10

Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insecure permissions.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.14.6MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
silabs
silabs
>>z-wave_software_development_kit>>6.84.0
cpe:2.3:a:silabs:z-wave_software_development_kit:6.84.0:*:*:*:*:*:*:*
silabs
silabs
>>zm5101>>-
cpe:2.3:h:silabs:zm5101:-:*:*:*:*:*:*:*
silabs
silabs
>>zm5202>>-
cpe:2.3:h:silabs:zm5202:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-281Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-281
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/CNK2100/2024-CVE/blob/main/README.mdcve@mitre.org
Third Party Advisory
Hyperlink: https://github.com/CNK2100/2024-CVE/blob/main/README.md
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

6Records found
CVE-2024-50920
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.03% / 5.82%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 00:00
Updated-01 Jul, 2025 | 15:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to create a fake node via supplying crafted packets.

Action-Not Available
Vendor-silabsn/a
Product-z-wave_software_development_kitefr32zg23a020f512gm40efr32zg23b010f512im48efr32zg14p231f256gm32zgm230sa27hgnefr32zg23b010f512im40efr32zg23b020f512im40efr32zg23b011f512im40efr32zg23b020f512im48efr32zg23a010f512gm48efr32zg23a020f512gm48zgm130s037hgnefr32zg23b021f512im40zgm230sb27hgnefr32zg23a010f512gm40n/a
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2024-50930
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.06% / 18.35%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 00:00
Updated-01 Jul, 2025 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to execute arbitrary code.

Action-Not Available
Vendor-silabsn/a
Product-z-wave_software_development_kitzm5202zm5101n/a
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2024-50928
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 16.54%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 00:00
Updated-01 Jul, 2025 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to change the wakeup interval of end devices in controller memory, disrupting the device's communications with the controller.

Action-Not Available
Vendor-silabsn/a
Product-z-wave_software_development_kitefr32zg23a020f512gm40efr32zg23b010f512im48efr32zg14p231f256gm32zgm230sa27hgnefr32zg23b010f512im40efr32zg23b020f512im40efr32zg23b011f512im40efr32zg23b020f512im48efr32zg23a010f512gm48efr32zg23a020f512gm48zgm130s037hgnefr32zg23b021f512im40zgm230sb27hgnefr32zg23a010f512gm40n/a
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2024-50929
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.05% / 16.39%
||
7 Day CHG-0.01%
Published-10 Dec, 2024 | 00:00
Updated-01 Jul, 2025 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to arbitrarily change the device type in the controller's memory, leading to a Denial of Service (DoS).

Action-Not Available
Vendor-silabsn/a
Product-z-wave_software_development_kitefr32zg23a020f512gm40efr32zg23b010f512im48efr32zg14p231f256gm32zgm230sa27hgnefr32zg23b010f512im40efr32zg23b020f512im40efr32zg23b011f512im40efr32zg23b020f512im48efr32zg23a010f512gm48efr32zg23a020f512gm48zgm130s037hgnefr32zg23b021f512im40zgm230sb27hgnefr32zg23a010f512gm40n/a
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2024-50924
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 5.65%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 00:00
Updated-01 Jul, 2025 | 15:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to cause disrupt communications between the controller and the device itself via repeatedly sending crafted packets to the controller.

Action-Not Available
Vendor-silabsn/a
Product-z-wave_software_development_kitefr32zg23a020f512gm40efr32zg23b010f512im48efr32zg14p231f256gm32zgm230sa27hgnefr32zg23b010f512im40efr32zg23b020f512im40efr32zg23b011f512im40efr32zg23b020f512im48efr32zg23a010f512gm48efr32zg23a020f512gm48zgm130s037hgnefr32zg23b021f512im40zgm230sb27hgnefr32zg23a010f512gm40n/a
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2024-50921
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 14.16%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 00:00
Updated-01 Jul, 2025 | 15:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to cause a Denial of Service (DoS) via repeatedly sending crafted packets to the controller.

Action-Not Available
Vendor-silabsn/a
Product-z-wave_software_development_kitefr32zg23a020f512gm40efr32zg23b010f512im48efr32zg14p231f256gm32zgm230sa27hgnefr32zg23b010f512im40efr32zg23b020f512im40efr32zg23b011f512im40efr32zg23b020f512im48efr32zg23a010f512gm48efr32zg23a020f512gm48zgm130s037hgnefr32zg23b021f512im40zgm230sb27hgnefr32zg23a010f512gm40n/a
CWE ID-CWE-281
Improper Preservation of Permissions
Details not found