Vulnerabilities > Silabs

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-32100 Unspecified vulnerability in Silabs Gecko Software Development KIT
Compiler removal of buffer clearing in sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.
network
low complexity
silabs
7.5
2023-03-28 CVE-2023-0775 Unspecified vulnerability in Silabs Gecko Software Development KIT 5.1.0/5.1.1
An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service.
low complexity
silabs
6.5
2023-03-21 CVE-2023-1261 Missing Authorization vulnerability in Silabs Wi-Sun Software Development KIT
Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and earlier allows malicious node to route malicious messages through network.
network
low complexity
silabs CWE-862
5.3
2023-03-21 CVE-2023-1262 Missing Authorization vulnerability in Silabs Wireless Smart Ubiquitous Network Linux Border Router Firmware
Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier allows malicious node to route malicious messages through network.
network
low complexity
silabs CWE-862
5.3
2022-11-18 CVE-2022-24939 Out-of-bounds Write vulnerability in Silabs Gecko Software Development KIT and Zigbee Emberznet
 A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack.
low complexity
silabs CWE-787
6.5
2022-11-15 CVE-2022-24942 Out-of-bounds Write vulnerability in Silabs Micrium Uc-Http 3.01.01
Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request.
network
low complexity
silabs CWE-787
critical
9.8
2022-11-14 CVE-2022-24937 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Silabs Emberznet 1.0.0
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Silicon Labs Ember ZNet allows Overflow Buffers.
network
low complexity
silabs CWE-119
critical
9.8
2022-11-14 CVE-2022-24938 Out-of-bounds Write vulnerability in Silabs Emberznet 1.0.0
A malformed packet causes a stack overflow in the Ember ZNet stack.
network
low complexity
silabs CWE-787
7.5
2022-11-02 CVE-2022-24936 Out-of-bounds Write vulnerability in Silabs Gecko Bootloader 4.0.1
Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade.
network
low complexity
silabs CWE-787
critical
9.1
2022-05-17 CVE-2022-24611 Unspecified vulnerability in Silabs products
Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs.
low complexity
silabs
6.5