Unrated severity · NVD Advisory · Published Nov 17, 2022 · Updated Apr 29, 2025

Malformed Zigbee packet with invalid destination address causes Assert

CVE-2022-24939

Description

A malformed packet with invalid destination address causes stack overflow in Silicon Labs Ember ZNet stack, leading to device reset.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

A stack overflow vulnerability exists in the Ember ZNet stack of Silicon Labs Gecko SDK (GSDK). A malformed packet containing an invalid destination address can trigger a stack overflow, leading to an assert and subsequent device reset. The exact affected versions are not specified in the available references [1].

Exploitation

An attacker can exploit this vulnerability by sending a specially crafted packet with an invalid destination address to a device running the affected Ember ZNet stack. No authentication is required if the attacker can reach the device over the network. The malformed packet causes a stack overflow, which triggers an assert and immediate reset of the device.

Impact

Successful exploitation results in a denial of service (DoS) condition through device reset. Based on the description, the vulnerability does not appear to allow code execution or privilege escalation. The assert clears the error, leaving no persistent effect other than service interruption.

Mitigation

As of the publication date of this CVE, no specific patch has been publicly disclosed. Users are advised to consult Silicon Labs for firmware updates and to apply any available fixes through the Gecko SDK repository [1]. If no update is available, network-level filtering of malformed packets may help reduce risk.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

1
