CVE-2022-24939: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer in silabs.com Ember ZNet
A malformed packet containing an invalid destination address causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.
AI Analysis
Technical Summary
CVE-2022-24939 is a medium-severity vulnerability identified in the Ember ZNet stack developed by silabs.com, specifically affecting version 1.0.0. The vulnerability arises from improper restriction of operations within the bounds of a memory buffer (CWE-119). A specially crafted malformed packet containing an invalid destination address can trigger a stack overflow condition within the Ember ZNet stack. This overflow leads to an assertion failure in the software, which subsequently causes the device to reset immediately. The reset clears the error state but results in a denial of service (DoS) condition due to the interruption of normal device operation. The vulnerability requires an attacker to have local network access (Attack Vector: Adjacent Network) and low privileges (Privileges Required: Low) but does not require user interaction. The scope of the vulnerability is unchanged, meaning the impact is confined to the vulnerable component. The CVSS v3.1 base score is 5.7, reflecting a medium severity primarily due to the impact on availability (denial of service) without affecting confidentiality or integrity. No known exploits have been reported in the wild, and no patches or mitigations have been officially published by the vendor at the time of this analysis. Ember ZNet is a wireless networking stack commonly used in Zigbee and other IoT devices, which are often embedded in smart home, industrial, and commercial environments. The vulnerability could be exploited by an attacker sending crafted network packets to devices running the vulnerable stack, causing repeated resets and service interruptions.
Potential Impact
For European organizations, the primary impact of this vulnerability is the potential disruption of IoT and wireless network devices that utilize the Ember ZNet stack. This can affect smart building management systems, industrial control systems, and other critical infrastructure relying on Zigbee or similar wireless protocols. The denial of service caused by device resets could lead to temporary loss of monitoring, control, or automation capabilities, potentially impacting operational continuity and safety. While the vulnerability does not directly compromise data confidentiality or integrity, the availability impact could indirectly affect business processes and safety systems. Organizations in sectors such as manufacturing, energy, healthcare, and smart city infrastructure are particularly at risk if they deploy devices with the vulnerable stack. The requirement for adjacent network access limits remote exploitation but does not eliminate risk within local or segmented networks, especially where network segmentation or access controls are weak. The lack of known exploits reduces immediate risk but does not preclude future exploitation attempts.
Mitigation Recommendations
1. Conduct an inventory of all devices and systems utilizing the Ember ZNet stack version 1.0.0 within the organization to identify potentially vulnerable assets.
2. Implement strict network segmentation and access controls to limit exposure of vulnerable devices to untrusted or less secure network segments, reducing the risk of crafted packet injection.
3. Monitor network traffic for anomalous or malformed packets targeting Zigbee or Ember ZNet devices, using intrusion detection systems or specialized IoT security tools.
4. Engage with silabs.com or device vendors to obtain updates or patches addressing this vulnerability; if unavailable, consider applying vendor-recommended workarounds or firmware updates.
5. Where possible, disable or restrict unnecessary network services or protocols on affected devices to reduce attack surface.
6. Establish incident response procedures to quickly detect and remediate device resets or service interruptions indicative of exploitation attempts.
7. For new deployments, prefer updated or alternative wireless stacks with known security improvements to avoid legacy vulnerabilities.
8. Regularly review and update IoT device security policies to include vulnerability management and network hygiene best practices specific to wireless and embedded systems.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Belgium, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Silabs
- Date Reserved: 2022-02-10T22:28:43.265Z
- CISA Enriched: true
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682d983cc4522896dcbeeb1b
Added to database: 5/21/2025, 9:09:16 AM
Last enriched: 6/25/2025, 1:21:08 AM
Last updated: 8/13/2025, 6:54:13 AM