A number of wireless mesh products exist that are based on the Zigbee HA 1.2 standard, although not all are certified and able to use the Zigbee name for their wireless implementation. Several vulnerabilities related to the Zigbee HA 1.2 standard allow for compromise of the network key used to join the network.
The Zigbee Alliance has put forth a remediation for vulnerabilities related to the HA 1.2 standard. These vulnerabilities impact all devices based on HA 1.2 standard, whether certified or not.
Customers should take the following steps to mitigate the associated risks:
- Limit physical access to the system and surrounding area, since this attack is only possible if the attacker is within radio range of the device and Trust Center (which may be up to 300 meters).
- Use unique install codes per device (where possible).
- Disable automatic rejoin functionality with the Trust Center, which uses the “ZigbeeAlliance09” key. This will reduce the security risk, but impact downtime and systems capabilities, which should be factored into the decision-making process. Note: A power cycle does NOT initiate a rejoin.
- Disable Trust Center function to change the network PAN ID after receiving a PAN ID Conflict message (which may come from a malicious source).
- After commissioning, validate that only approved devices are members of the network.