CVE-2022-39065

A single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI gateway unresponsive, such that connected lighting cannot be controlled with the IKEA Home Smart app and TRÅDFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v3.0 6.5 MEDIUM

6.5^/10

CVSS v3.0 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting-gateway/	Third Party Advisory
https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting-gateway/	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:ikea:tradfri_gateway_e1526_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ikea:tradfri_gateway_e1526:-:*:*:*:*:*:*:*

History

15 May 2025, 14:15

Type	Values Removed	Values Added
References	~~(MISC) https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting-gateway/ - Third Party Advisory~~	() https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting-gateway/ - Third Party Advisory

Information

Published : 2022-10-14 16:15

Updated : 2025-05-15 14:15

NVD link : CVE-2022-39065

Mitre link : CVE-2022-39065

JSON object : View

Products Affected

ikea

tradfri_gateway_e1526_firmware
tradfri_gateway_e1526

CWE

NVD-CWE-Other

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting-gateway/", "name": "https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting-gateway/", "tags": ["Third Party Advisory"], "refsource": ""}, {"url": "https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting-gateway/", "name": "https://www.synopsys.com/blogs/software-security/cyrc-advisory-ikea-tradfri-smart-lighting-gateway/", "tags": ["Third Party Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A single malformed IEEE 802.15.4 (Zigbee) frame makes the TR\u00c5DFRI gateway unresponsive, such that connected lighting cannot be controlled with the IKEA Home Smart app and TR\u00c5DFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-39065", "ASSIGNER": "disclosure@synopsys.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}}, "publishedDate": "2022-10-14T16:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ikea:tradfri_gateway_e1526_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.19.26"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ikea:tradfri_gateway_e1526:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-05-15T14:15Z"}