CVE-2019-15912

HIGH

ASUS ZigBee Devices - Denial of Service via Trust Center Rejoin

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-15912. PoCs published by chengcheng227.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2019-15912, focusing on the insecure trust center rejoin procedure in ASUS ZigBee PRO devices, which can be exploited for denial-of-service attacks. It includes system architecture, attack methodology, and visual demonstrations of the exploit.

Description

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks.

Exploits (1)

github WRITEUP 9 stars
by chengcheng227 · poc
https://github.com/chengcheng227/CVE-POC/tree/master/CVE-2019-15912_1.md

This repository provides a detailed technical analysis of CVE-2019-15912, focusing on the insecure trust center rejoin procedure in ASUS ZigBee PRO devices, which can be exploited for denial-of-service attacks. It includes system architecture, attack methodology, and visual demonstrations of the exploit.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: ASUS HG100, WS-101, TS-101, AS-101, MS-101, DL-101 (ZigBee PRO)
No auth needed
Prerequisites: Laptop with Ubuntu 16.04.3 LTS · Atmel RZ Raven USB sticks · KillerBee API · Zigdiggity · Wireshark
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.5
EPSS 0.0131
EPSS Percentile 66.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (7)
asus/as-101_firmware
asus/dl-101_firmware
asus/hg100_firmware
asus/ms-101_firmware
asus/mw100_firmware
asus/ts-101_firmware
asus/ws-101_firmware
Published Dec 20, 2019
Tracked Since Feb 18, 2026