Crushing the Wave – new Z-Wave vulnerabilities exposed [article]

Noureddine Boucif, Frederik Golchert, Alexander Siemer, Patrick Felke, Frederik Gosewehr
2020 arXiv   pre-print
This paper describes two denial of service attacks against the Z-Wave protocol and their effects on smart home gateways. Both utilize modified unencrypted packets, which are used in the inclusion phase and during normal operation. These are the commands Nonce Get/S2 Nonce Get and Find Nodes In Range. This paper shows how both can be manipulated and used to block a Z-Wave gateway's communication processing which in turn disables the whole Z-Wave network connected to it
arXiv:2001.08497v1 fatcat:o7mbi3khybgibdbr5yet6dfsom