Vulnerabilities > Silabs > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-18 | CVE-2023-2481 | Unspecified vulnerability in Silabs Gecko Software Development KIT Compiler removal of buffer clearing in sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 7.5 |
2023-05-18 | CVE-2023-32096 | Unspecified vulnerability in Silabs Gecko Software Development KIT Compiler removal of buffer clearing in sli_crypto_transparent_aead_encrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 7.5 |
2023-05-18 | CVE-2023-32097 | Unspecified vulnerability in Silabs Gecko Software Development KIT Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 7.5 |
2023-05-18 | CVE-2023-32098 | Unspecified vulnerability in Silabs Gecko Software Development KIT Compiler removal of buffer clearing in sli_se_sign_message in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 7.5 |
2023-05-18 | CVE-2023-32099 | Unspecified vulnerability in Silabs Gecko Software Development KIT Compiler removal of buffer clearing in sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 7.5 |
2023-05-18 | CVE-2023-32100 | Unspecified vulnerability in Silabs Gecko Software Development KIT Compiler removal of buffer clearing in sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | 7.5 |
2022-11-14 | CVE-2022-24938 | Out-of-bounds Write vulnerability in Silabs Emberznet 1.0.0 A malformed packet causes a stack overflow in the Ember ZNet stack. | 7.5 |
2022-02-04 | CVE-2013-20003 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Silabs products Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic. | 8.3 |
2022-02-04 | CVE-2018-25029 | Unspecified vulnerability in Silabs products The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within radio range during pairing to downgrade and then exploit a different vulnerability (CVE-2013-20003) to intercept and spoof traffic. low complexity silabs | 8.1 |
2022-01-10 | CVE-2020-9057 | Missing Encryption of Sensitive Data vulnerability in multiple products Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. | 8.8 |