CVE-2020-9059

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/CNK2100/VFuzz-public", "name": "https://github.com/CNK2100/VFuzz-public", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://kb.cert.org/vuls/id/142629", "name": "https://kb.cert.org/vuls/id/142629", "tags": ["Third Party Advisory", "US Government Resource"], "refsource": "CERT-VN"}, {"url": "https://ieeexplore.ieee.org/document/9663293", "name": "https://ieeexplore.ieee.org/document/9663293", "tags": ["Broken Link"], "refsource": "MISC"}, {"url": "https://doi.org/10.1109/ACCESS.2021.3138768", "name": "https://doi.org/10.1109/ACCESS.2021.3138768", "tags": ["Broken Link"], "refsource": "MISC"}, {"url": "https://www.kb.cert.org/vuls/id/142629", "name": "VU#142629", "tags": ["Third Party Advisory", "US Government Resource"], "refsource": "CERT-VN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-770"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-9059", "ASSIGNER": "cert@cert.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.1, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}}, "publishedDate": "2022-01-10T14:10Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:silabs:500_series_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:schlage:be468:3.42:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-09-20T17:16Z"}