Vulnerabilities > Silabs > Emberznet > 7.1.5

DATE CVE VULNERABILITY TITLE RISK
2024-02-23 CVE-2023-51393 Allocation of Resources Without Limits or Throttling vulnerability in Silabs Emberznet
Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered as part of Silicon Labs Gecko SDK v4.4.0) which may enable attackers to trigger a bus fault and crash of the device, requiring a reboot in order to rejoin the network.
network
low complexity
silabs CWE-770
7.5
2024-02-23 CVE-2023-51394 NULL Pointer Dereference vulnerability in Silabs Emberznet
High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash.
network
low complexity
silabs CWE-476
7.5
2023-10-04 CVE-2023-41094 Missing Release of Resource after Effective Lifetime vulnerability in Silabs Emberznet
TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration This issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected
network
low complexity
silabs CWE-772
critical
9.8