VYPR
Unrated severity · NVD Advisory · Published Jun 20, 2023 · Updated Dec 9, 2024

CVE-2023-34596

Description

A vulnerability in Aeotec WallMote Switch firmware v2.3 allows attackers to cause a Denial of Service (DoS) via a crafted Z-Wave message.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Aeotec WallMote Switch firmware v2.3 is vulnerable to a Denial of Service (DoS) via a crafted Z-Wave message, causing the device to become unresponsive.

Vulnerability

The vulnerability exists in Aeotec WallMote Switch firmware version 2.3. It allows an attacker to cause a Denial of Service (DoS) by sending a specially crafted Z-Wave message to the device. The vulnerability appears to be triggered by malformed or unexpected Z-Wave frames that the firmware cannot handle correctly, leading to a crash or hang. The affected product is the Aeotec WallMote Switch (also known as WallMote Quad) running firmware v2.3 [1].

Exploitation

An attacker must be within Z-Wave radio range of the target device (typically up to 30 meters indoors) and able to transmit Z-Wave messages. No authentication is required since Z-Wave devices generally accept commands from any controller within range. The attacker sends a crafted Z-Wave message that exploits the vulnerability; the exact sequence of bytes is described in the vulnerability report [1]. No user interaction is needed.

Impact

Successful exploitation results in the WallMote Switch becoming unresponsive—it stops processing legitimate Z-Wave commands and may require a power cycle to recover. This constitutes a Denial of Service (DoS) condition. There is no indication of data leakage or code execution; the impact is purely on availability of the device.

Mitigation

As of the publication date (2023-06-20), no firmware update has been released to address this vulnerability. The vendor, Aeotec, has not publicly acknowledged the issue or issued a patch [2]. Users are advised to restrict physical access to the device and monitor for any future firmware updates. The CVE is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog as of this writing.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

References

2
