S0 Zwave Vulnerability?

What are the primary vulnerabilities for a Zwave device that is paired with S0 security? I am trying out a kwikset lock that claims “128-bit wireless encryption”. When paired, it is configured to S0. Is this correct? Should I be looking for anything else to bump the security level to S2? Not sure it is possible with these since it has a Zwave 500 chipset.

Here’s a great article
What is the Difference Between S0 and S2 Z-Wave Protocols? - Alarm Grid

You Can’t ‘bump’ it - sorry. The Way ST joins stuff now it should have joined at its highest possible level.

In practical application attackers need close proximity on premise access to exploit vulnerabilities in Zwave Comms. IMHO You’re FAR more vulnerable to a credential lift from your Samsung account which now has access to the lock code and state. (So make darned sure you have reliable 2 Factor Auth enabled on your Samsung account.)

4 Likes