Vulnerabilities > Silabs

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-24585 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-11-14 CVE-2023-25181 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-11-14 CVE-2023-27882 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-11-14 CVE-2023-28379 Out-of-bounds Write vulnerability in multiple products
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-11-14 CVE-2023-28391 Out-of-bounds Write vulnerability in multiple products
A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-11-14 CVE-2023-31247 Out-of-bounds Write vulnerability in multiple products
A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01.
network
low complexity
weston-embedded silabs CWE-787
critical
 9.8
9.8
2023-10-26 CVE-2023-41095 Missing Encryption of Sensitive Data vulnerability in Silabs Openthread SDK 2.3.0.0/2.3.1.0
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier.
network
low complexity
silabs CWE-311
critical
 9.1
9.1
2023-10-26 CVE-2023-41096 Missing Encryption of Sensitive Data vulnerability in Silabs Emberznet SDK 7.3.0.0/7.3.1.0
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs Ember ZNet SDK: 7.3.1 and earlier.
low complexity
silabs CWE-311
6.1
6.1
2023-10-20 CVE-2023-3487 Integer Overflow or Wraparound vulnerability in Silabs Gecko Bootloader
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots.
local
low complexity
silabs CWE-190
7.8
7.8
2023-10-10 CVE-2020-27630 Use of Insufficiently Random Values vulnerability in Silabs Uc/Tcp-Ip 3.6.0
In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.
network
low complexity
silabs CWE-330
critical
 9.8
9.8