← Back

CVE-2019-15914

nvd nist
Published: Dec 20, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks.

Affected (5)

Mi
5 products
Dgnwg03lm Firmware
Zncz03lm Firmware
Mccgq01lm Firmware
Wsdcgq01lm Firmware
Rtcgq01lm Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Dgnwg03lm Firmware
All versions
Running on/withPlatform Versions
Mi
Dgnwg03lm
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Zncz03lm Firmware
All versions
Running on/withPlatform Versions
Mi
Zncz03lm
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Mccgq01lm Firmware
All versions
Running on/withPlatform Versions
Mi
Mccgq01lm
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Wsdcgq01lm Firmware
All versions
Running on/withPlatform Versions
Mi
Wsdcgq01lm
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Rtcgq01lm Firmware
All versions
Running on/withPlatform Versions
Mi
Rtcgq01lm
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.