{"api_version":"1","generated_at":"2026-04-23T17:16:29+00:00","cve":"CVE-2024-7322","urls":{"html":"https://cve.report/CVE-2024-7322","api":"https://cve.report/api/cve/CVE-2024-7322.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-7322","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-7322"},"summary":{"title":"Dos in ZigBee device due to unsolicited encrypted rejoin response","description":"A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established","state":"PUBLISHED","assigner":"Silabs","published_at":"2025-01-15 08:15:26","updated_at":"2026-04-20 16:16:39"},"problem_types":["CWE-940","CWE-940 CWE-940 Improper Verification of Source of a Communication Channel"],"metrics":[{"version":"3.1","source":"product-security@silabs.com","type":"Secondary","score":"5.8","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"5.8","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H","data":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.8,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H","version":"3.1"}}],"references":[{"url":"https://community.silabs.com/068Vm00000I7ri2","name":"https://community.silabs.com/068Vm00000I7ri2","refsource":"product-security@silabs.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-7322","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7322","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"silabs.com","product":"EmberZNet","version":"affected 7.3.3 semver","platforms":[]},{"source":"CNA","vendor":"silabs.com","product":"EmberZNet","version":"affected 7.4.0 7.4.4 semver","platforms":[]},{"source":"CNA","vendor":"silabs.com","product":"EmberZNet","version":"affected 8.1.0 semver","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2024","cve_id":"7322","cve":"CVE-2024-7322","epss":"0.001170000","percentile":"0.302950000","score_date":"2026-04-21","updated_at":"2026-04-22 00:07:40"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2024-7322","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2025-01-15T14:46:49.430161Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2025-01-15T14:46:57.645Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","packageName":"GSDK","product":"EmberZNet","vendor":"silabs.com","versions":[{"lessThan":"7.3.3","status":"affected","version":"0","versionType":"semver"},{"lessThan":"7.4.4","status":"affected","version":"7.4.0","versionType":"semver"}]},{"defaultStatus":"unaffected","packageName":"SiSDK","product":"EmberZNet","vendor":"silabs.com","versions":[{"lessThan":"8.1.0","status":"affected","version":"0","versionType":"semver"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established"}],"value":"A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established"}],"impacts":[{"capecId":"CAPEC-176","descriptions":[{"lang":"en","value":"CAPEC-176 Configuration/Environment Manipulation"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.8,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"HIGH","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-940","description":"CWE-940 Improper Verification of Source of a Communication Channel","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-20T15:10:01.669Z","orgId":"030b2754-1501-44a4-bef8-48be86a33bf4","shortName":"Silabs"},"references":[{"tags":["vendor-advisory","permissions-required"],"url":"https://community.silabs.com/068Vm00000I7ri2"}],"source":{"discovery":"UNKNOWN"},"title":"Dos in ZigBee device due to unsolicited encrypted rejoin response","x_generator":{"engine":"Vulnogram 0.2.0"}}},"cveMetadata":{"assignerOrgId":"030b2754-1501-44a4-bef8-48be86a33bf4","assignerShortName":"Silabs","cveId":"CVE-2024-7322","datePublished":"2025-01-15T07:59:55.430Z","dateReserved":"2024-07-31T09:01:54.841Z","dateUpdated":"2026-04-20T15:10:01.669Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2025-01-15 08:15:26","lastModifiedDate":"2026-04-20 16:16:39","problem_types":["CWE-940","CWE-940 CWE-940 Improper Verification of Source of a Communication Channel"],"metrics":{"cvssMetricV31":[{"source":"product-security@silabs.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":4}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"7322","Ordinal":"1","Title":"Dos in ZigBee device due to unsolicited encrypted rejoin respons","CVE":"CVE-2024-7322","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"7322","Ordinal":"1","NoteData":"A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service (DoS). To recover from this DoS, the network must be re-established","Type":"Description","Title":"Dos in ZigBee device due to unsolicited encrypted rejoin respons"}]}}}