
CVE-2024-50920

Severity: High · Public PoC referenced

Published: 10 December 2024
Modified: 01 July 2025
KEV Added: not listed
CVSS v3.1 score: 8.8 (vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS score: 0.0007 (20.8th percentile)
Risk Priority: 18 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-50920 is a high-severity Improper Preservation of Permissions (CWE-281) vulnerability in the Silabs Z-Wave Software Development Kit. Its CVSS v3.1 base score is 8.8 (High); the vector's AV:A component indicates that the attacker must be within range of the Z-Wave network rather than reachable from the wider Internet.

Operationally, exploitation aligns with the MITRE ATT&CK technique Protocol or Service Impersonation (T1001.003). EPSS ranks the vulnerability at the 20.8th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Vulnerability details

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to create a fake node on the network by supplying crafted packets.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1001.003 Protocol or Service Impersonation (tactic: Command and Control)
Adversaries may impersonate legitimate protocols or web service traffic to disguise command and control activity and thwart analysis efforts.

T1036 Masquerading (tactic: Stealth)
Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools.

T1210 Exploitation of Remote Services (tactic: Lateral Movement)
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

Insecure permissions enable exploitation of the Z-Wave service over the radio link (T1210) via crafted packets that create fake nodes, which in turn facilitates protocol/service impersonation (T1001.003) and masquerading as legitimate devices (T1036).

Affected Assets

Vendor: silabs
Product: z-wave software development kit
Affected versions: ≤ 7.21.1

Mitigating Controls

Likely Mitigating Controls (AI-generated)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Control addressing CWE-281:
Forces removal or modification of permissions no longer required after reassignment, preventing improper preservation of old access rights.