CVE-2026-47151
Analyzed Analyzed - Analysis Complete

EmberZNet Out-of-Bounds Write in Door Lock Schedule

Vulnerability report for CVE-2026-47151, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: Silicon Graphics (SGI)

Description

In EmberZNet v9.0.2 and earlier, malformed ClearWeekdaySchedule messages can trigger out-of-bounds writes into Door Lock schedule state. The size and location of this data is limited. These messages must come from a device that has already joined the network. Only devices supporting the Door Lock cluster may be impacted.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-07-16
AI Q&A
2026-06-25
EPSS Evaluated
2026-07-14
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
silabs emberznet to 9.0.2 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in EmberZNet version 9.0.2 and earlier. It involves malformed ClearWeekdaySchedule messages that can cause out-of-bounds writes into the Door Lock schedule state. These messages must originate from a device that has already joined the network, and only devices that support the Door Lock cluster are potentially affected.

Impact Analysis

The vulnerability can lead to out-of-bounds writes in the Door Lock schedule state, which may result in unexpected behavior or compromise of the Door Lock functionality. Since the vulnerability has a CVSS base score of 7.1, it is considered a high-severity issue that could potentially allow an attacker with network access and limited privileges to impact the integrity or availability of the Door Lock system.

Compliance Impact

The provided information does not include any details on how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-47151. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart