Monday, May 5, 2025
HomeCryptocurrency hack100 Million IoT Smart Devices are Vulnerable to Z-Wave Wireless Communications Protocol...

100 Million IoT Smart Devices are Vulnerable to Z-Wave Wireless Communications Protocol Downgrade Attack

Published on

SIEM as a Service

Follow Us on Google News

Z-Wave, a Wireless Communication Protocol that widely used in IoT Smart Devices vulnerability allow attackers to perform Downgrade Attack and compromise nearly 100 Million IoT devices around the world.

Z-Wave protocol used in many of wireless control IoT devices such as security systems, Door locks,  garage door openers and  Z-Wave automation system can be controlled from a wireless keyfob.

Also, it Helps to share the network key exchange to secure traffic in between controller and the client devices after the device paired.

- Advertisement - Google News

Also, This key allows to protect the communications and prevent attackers from exploiting joined devices.

There are over 100 million Z-wave chips are used in smart devices and 2,400 vendors including the communication range between the device and the operator over 100 meters.

How Does this Z-Wave Downgrade Attack

Earlier Smart device pairing process between client device and controller using “S0” that had a vulnerability and the pairing node using a key of all zero which leads to sniffed by an attacker within RF range.

So later it was fixed and improved into S2 and this Vulnerability allow attacker back to S0 by obtaining the network key.

To perform this test researchers using  Sigma provided tool called ‘PC Controller’ also they said, This is not a Z-Wave certified S2 controller, and hence does not display a warning when S0 security is used. Most S2 controllers have a very limited UI, so even if they do alert the user it’s likely to be no more than a flashing LED.

This could lead to attacker Exchange the network key and they will replace the fixed key as “0000000000000000” which indicate that they obtain the network key and attack any device on the network when the device is paired with in the  RF range.

S2 pairing key cannot be intercepted but the attacker exploits this vulnerability while the time of pairing and perform the downgrade an S2 pairing to S0.

So attackers intercept the key then intercept, inject S0 traffic on the Z-Wave network and there is very very less time to perform this attack and attacker would need advanced equipment to perform this attack successfully. you can read technical analysis here.

Also Read:

“Hide ‘N Seek” the First IoT Botnet with the Ability to Survive Device Reboots

Cryptocurrency-mining Malware Sold in Underground Markets Targeting IoT Devices

Beware – Dangerous IoT Attacks Leads Some One to Hack and Control Your Car

Researchers Use Machine Learning to Create Real-time IoT DDoS Detection Tool to Block Attack Traffic from IoT Botnets

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...

RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals

The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

North Korean Hacker Tries to Infiltrate Kraken Through Job Application

Leading cryptocurrency exchange Kraken has disclosed that it recently thwarted an infiltration attempt by...

Electromagnetic Side-Channel Analysis of Cryptographically Secured Devices

Electromagnetic (EM) side-channel analysis has emerged as a significant threat to cryptographically secured devices,...

Crypto Platform OKX Suspends Tool Abused by North Korean Hackers

Cryptocurrency platform OKX has announced the temporary suspension of its Decentralized Exchange (DEX) aggregator...