CVE-2024-56318
📋 TL;DR
A NULL pointer dereference vulnerability in Matter (Project CHIP) allows remote attackers to cause denial of service by sending specially crafted TCP packets with zero messageSize. This affects all systems running vulnerable versions of Matter/connectedhomeip software, particularly IoT devices and smart home ecosystems using this protocol.
💻 Affected Systems
- Matter (connectedhomeip, Project CHIP)
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete service disruption of affected Matter devices, potentially rendering smart home/IoT devices unresponsive until manually restarted.
Likely Case
Targeted devices crash and become temporarily unavailable, requiring restart to restore functionality.
If Mitigated
Minimal impact with proper network segmentation and updated software.
🎯 Exploit Status
Exploitation requires sending malformed TCP packets to vulnerable service, no authentication needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in commit 27ca6ec255b78168e04bd71e0f1a473869cf144b and later
Vendor Advisory: https://github.com/project-chip/connectedhomeip/commit/27ca6ec255b78168e04bd71e0f1a473869cf144b
Restart Required: Yes
Instructions:
1. Update Matter/connectedhomeip to version including commit 27ca6ec255b78168e04bd71e0f1a473869cf144b or later. 2. Rebuild and redeploy affected applications. 3. Restart all Matter-enabled devices and services.
🔧 Temporary Workarounds
Network Segmentation
allIsolate Matter devices from untrusted networks using firewalls or VLANs.
TCP Filtering
allBlock or filter TCP packets with suspicious patterns at network perimeter.
🧯 If You Can't Patch
- Implement strict network access controls to limit TCP connections to Matter devices
- Monitor for abnormal TCP traffic patterns and device crashes
🔍 How to Verify
Check if Vulnerable:
Check if Matter/connectedhomeip version is before commit 27ca6ec255b78168e04bd71e0f1a473869cf144bCheck Version:
Check build version or git commit hash of connectedhomeip installationVerify Fix Applied:
Verify the code includes the fix from commit 27ca6ec255b78168e04bd71e0f1a473869cf144b in TCPBase::ProcessSingleMessage📡 Detection & Monitoring
Log Indicators:
- Process crashes in Matter services
- NULL pointer exception logs
- TCP connection resets
Network Indicators:
- TCP packets with zero-length payloads to Matter ports
- Abnormal TCP traffic patterns
SIEM Query:
Process termination events from Matter executables OR TCP packets with size=0 to Matter ports