Crushing the Wave – new Z-Wave vulnerabilities exposed
share
This paper describes two denial of service attacks against the Z-Wave protocol and their effects on smart home gateways. Both utilize modified unencrypted packets, which are used in the inclusion phase and during normal operation. These are the commands Nonce Get/S2 Nonce Get and Find Nodes In Range. This paper shows how both can be manipulated and used to block a Z-Wave gateway's communication processing which in turn disables the whole Z-Wave network connected to it
READ FULL TEXT