Multiple Matter products denial of service | CVE-2023-42189

October 15, 2023

NAME
__________
Multiple Matter products denial of service

Platforms Affected:
Connectivity Standards Alliance Matter Official SDK 1.1.0.0
Nanoleaf Light strip 3.5.10
Govee LED Strip 3.00.42
switchBot Hub2 1.0-0.8
Phillips hue hub 1.59.1959097030
yeelight smart lamp 1.12.69

Risk Level:
7.5

Exploitability:
Unproven

Consequences:
Denial of Service

DESCRIPTION
__________

Multiple Matter products are vulnerable to a denial of service, caused by a flaw in the KeySetRemove function function. By sending a specially crafted Matter message, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVSS 3.0 Information
__________

Privileges Required:
None

User Interaction:
None

Scope:
Unchanged

Access Vector:
Network

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

 To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

cybersecurity

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware

May 16, 2024
image 9

Using ChatGPT 4o to control Home Assistant

May 16, 2024
hkcert

F5 Products Multiple Vulnerabilities

May 16, 2024
hkcert

Google Chrome Multiple Vulnerabilities

May 16, 2024
hkcert

Microsoft Monthly Security Update (May 2024)

May 16, 2024