Silicon Labs Z-Wave PIR Sensor SmartStart Inclusion Vulnerability Allowing Non-Secure Device Onboarding

Vulnerability

A vulnerability exists in the Z-Wave PIR Sensor Reference design from Silicon Labs, included in SiSDK versions 2025.6.0 and 2025.6.1. When SmartStart Inclusion fails during the onboarding process, the sensor can join the network as a non-secure device.

Impact

Exploitation of this vulnerability allows a Z-Wave PIR sensor to be onboarded as a non-secure device, potentially leading to security risks associated with non-secure device integration.

Added: Oct 31, 2025, 8:19 PM

Updated: Oct 31, 2025, 8:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

3.3

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Silicon Labs Z-Wave PIR Sensor SmartStart Inclusion Vulnerability Allowing Non-Secure Device Onboarding

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating