Silicon Labs ZigBee Devices Denial-of-Service Vulnerability via Unsolicited Encrypted Rejoin Response

Vulnerability

A denial-of-service vulnerability has been identified in Silicon Labs ZigBee coordinators, routers, and end devices. When these devices receive an unsolicited encrypted rejoin response, they may unintentionally change their node ID. This alteration leads to a denial-of-service condition, causing disruption in the network. To restore normal operation, the network must be re-established.
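For monitoring, the condition described above can be detected by pairing each rejoin response with a preceding rejoin request. The following is an added example, not Silicon Labs code or part of the original advisory: the record layout, the 5-second window and the sample frames are assumptions, and it presumes a sniffer that holds the network key and can decode NWK command frames.

```python
from dataclasses import dataclass
from typing import Optional

# Zigbee NWK command identifiers for the rejoin exchange.
REJOIN_REQUEST = 0x06
REJOIN_RESPONSE = 0x07
WINDOW_S = 5.0  # assumed maximum delay between a request and its response


@dataclass
class NwkCommand:
    """Hypothetical decoded NWK command record from a sniffer."""
    ts: float                       # capture time in seconds
    cmd_id: int                     # NWK command identifier
    src_ieee: str                   # extended source address
    dst_ieee: str                   # extended destination address
    new_addr: Optional[int] = None  # short address carried in a rejoin response


def find_unsolicited_rejoin_responses(frames, window=WINDOW_S):
    """Return rejoin responses that no recent rejoin request asked for."""
    pending = {}  # requester IEEE -> time of its outstanding rejoin request
    alerts = []
    for f in sorted(frames, key=lambda fr: fr.ts):
        if f.cmd_id == REJOIN_REQUEST:
            pending[f.src_ieee] = f.ts
        elif f.cmd_id == REJOIN_RESPONSE:
            asked = pending.pop(f.dst_ieee, None)
            # No request at all, or one too old to match: flag it.
            if asked is None or f.ts - asked > window:
                alerts.append(f)
    return alerts


# Constructed sample capture (addresses and times are made up).
SAMPLE = [
    NwkCommand(10.0, REJOIN_REQUEST, "00:0d:6f:00:00:00:00:aa", "00:0d:6f:00:00:00:00:01"),
    NwkCommand(10.2, REJOIN_RESPONSE, "00:0d:6f:00:00:00:00:01", "00:0d:6f:00:00:00:00:aa", 0x1234),
    NwkCommand(50.0, REJOIN_RESPONSE, "00:0d:6f:00:00:00:00:99", "00:0d:6f:00:00:00:00:bb", 0x4321),
    NwkCommand(60.0, REJOIN_REQUEST, "00:0d:6f:00:00:00:00:cc", "00:0d:6f:00:00:00:00:01"),
    NwkCommand(70.0, REJOIN_RESPONSE, "00:0d:6f:00:00:00:00:01", "00:0d:6f:00:00:00:00:cc", 0x2222),
]

if __name__ == "__main__":
    for a in find_unsolicited_rejoin_responses(SAMPLE):
        print(f"t={a.ts:.1f}s unsolicited rejoin response to {a.dst_ieee}, "
              f"new short address 0x{a.new_addr:04x}")
```

A flagged response followed by the target device announcing a different node ID is the symptom the advisory describes.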

Impact

Exploitation of this vulnerability causes a denial-of-service condition, disrupting network communication and requiring a manual re-establishment of the network to restore functionality.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

Category        Score
spread          8.1
impact          2.5
exploitability  3.0
remediation     0.0
relevance       0.0
threat          0.0
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.