ZIV IDF and ZLF Products Uncontrolled Resource Consumption Vulnerability Leading to Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in ZIV's IDF version 0.10.0-0C03-03 and ZLF version 0.10.0-0C03-04. This vulnerability arises from the devices' improper handling of TLS requests related to PROCOME sockets. When PROCOME ports are active and communications encryption is enabled, TLS requests sent to these ports can cause the device to reboot, disrupting service.

Impact

Exploitation of this vulnerability causes the device to reboot, leading to a denial-of-service condition.

Remediation

ZIV has released firmware updates to address this vulnerability. Users can upgrade to IDF version 0.10.0-0C08, or to version 0.10.0-0D00 for ZLF products.
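
Until the update is installed, reboots that closely follow a TLS request to a PROCOME port are the observable symptom described above. The following is an added example, not ZIV's code or part of the original advisory: it correlates the two event types per device. The log format, event names, port number and time window are all assumptions to adapt to your own sensors.

```python
from datetime import datetime, timedelta

# Assumption: the advisory gives no port number; this is a placeholder.
PROCOME_PORTS = {32001}  # replace with the PROCOME port(s) configured on site
WINDOW = timedelta(seconds=120)  # assumed max delay between TLS request and reboot

# Constructed sample events (network sensor + device syslog merged), not real data.
SAMPLE_EVENTS = """\
2025-09-01T10:00:05Z tls_client_hello src=10.0.5.20 dst=10.0.9.11 dport=32001
2025-09-01T10:00:40Z device_boot host=10.0.9.11
2025-09-01T11:15:00Z tls_client_hello src=10.0.5.20 dst=10.0.9.12 dport=443
2025-09-01T11:15:30Z device_boot host=10.0.9.12
2025-09-01T12:00:00Z tls_client_hello src=10.0.5.33 dst=10.0.9.11 dport=32001
2025-09-01T12:30:00Z device_boot host=10.0.9.11
"""

def parse(line):
    """Split 'timestamp kind key=value ...' into a dict with a datetime 'ts'."""
    ts, kind, *fields = line.split()
    event = dict(f.split("=", 1) for f in fields)
    event["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    event["kind"] = kind
    return event

def correlate(text, ports=PROCOME_PORTS, window=WINDOW):
    """Return (device, source, delay_seconds) for each reboot that follows a
    TLS ClientHello to a PROCOME port on the same device within `window`."""
    last_tls = {}  # device IP -> most recent TLS event aimed at a PROCOME port
    findings = []
    events = sorted((parse(l) for l in text.splitlines() if l.strip()),
                    key=lambda e: e["ts"])
    for ev in events:
        if ev["kind"] == "tls_client_hello" and int(ev["dport"]) in ports:
            last_tls[ev["dst"]] = ev
        elif ev["kind"] == "device_boot":
            tls = last_tls.pop(ev["host"], None)  # one reboot consumes one request
            if tls and ev["ts"] - tls["ts"] <= window:
                delay = int((ev["ts"] - tls["ts"]).total_seconds())
                findings.append((ev["host"], tls["src"], delay))
    return findings

if __name__ == "__main__":
    for device, src, delay in correlate(SAMPLE_EVENTS):
        print(f"{device}: reboot {delay}s after TLS request from {src} to a PROCOME port")
```

A reboot after TLS traffic to a non-PROCOME port, or one that falls outside the window, is not reported, which keeps routine maintenance restarts out of the findings.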

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 6.2
remediation: 7.7
relevance: 0.1
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.