MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2022-39065

CVSS 6.5v3.1pub. 2022-10-14upd. 2025-05-15

A single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI gateway unresponsive, such that connected lighting cannot be controlled with the IKEA Home Smart app and TRÅDFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Ikea Tradfri Gateway E1526

    HW
    Ikea
    wszystkie wersje
  • Ikea Tradfri Gateway E1526 Firmware

    OS
    Ikea
    < 1.19.26
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2026-3588HIGH7.5ten sam vendor

A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate ...

CVE-2022-39064HIGH8.1ten sam vendor

An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI bulb blink, and if they ...