CVE-2019-15914

Published Dec 20, 2019

Last updated 5 years ago

CVSS high 7.5

Overview

Description: An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mi:dgnwg03lm_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18E6AAD6-8A61-4E16-8387-ADEDD63BA7DC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mi:dgnwg03lm:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FFD6A160-4E8B-485F-8EC1-C4D52F002875"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mi:zncz03lm_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "454AB732-27E3-412E-AD89-3D62C98B06D3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mi:zncz03lm:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "833C0FBE-F3DC-4D28-A996-17E485592046"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mi:mccgq01lm_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A01F6B64-4DDA-4E51-A9C7-1C6E3E537156"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mi:mccgq01lm:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "44AB28D7-A56F-411C-A6EF-7DB42234EDA5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mi:wsdcgq01lm_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AC2BB24-C436-4862-BB7E-0546430753FF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mi:wsdcgq01lm:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "456AE601-26F7-4DB0-9FBE-47D171B20AEC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mi:rtcgq01lm_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1ED2FDB-6F55-4FD2-AE4D-E094D875D189"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mi:rtcgq01lm:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FF98F7C8-9B48-4594-AECA-E044268CDDBA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References