Filtered by vendor Silabs
Subscribe
Total
62 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-41095 | 1 Silabs | 1 Openthread Sdk | 2023-12-10 | N/A | 9.1 CRITICAL |
| Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier. | |||||
| CVE-2023-3488 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 5.5 MEDIUM |
| Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file. | |||||
| CVE-2023-2683 | 1 Silabs | 1 Bluetooth Low Energy Software Development Kit | 2023-12-10 | N/A | 6.5 MEDIUM |
| A memory leak in the EFR32 Bluetooth LE stack 5.1.0 through 5.1.1 allows an attacker to send an invalid pairing message and cause future legitimate connection attempts to fail. A reset of the device immediately clears the error. | |||||
| CVE-2023-32097 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 7.5 HIGH |
| Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | |||||
| CVE-2023-32099 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 7.5 HIGH |
| Compiler removal of buffer clearing in sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | |||||
| CVE-2023-32096 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 7.5 HIGH |
| Compiler removal of buffer clearing in sli_crypto_transparent_aead_encrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | |||||
| CVE-2023-1261 | 1 Silabs | 1 Wi-sun Software Development Kit | 2023-12-10 | N/A | 5.3 MEDIUM |
| Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and earlier allows malicious node to route malicious messages through network. | |||||
| CVE-2023-0970 | 1 Silabs | 1 Z\/ip Gateway Sdk | 2023-12-10 | N/A | 6.8 MEDIUM |
| Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code. | |||||
| CVE-2023-32098 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 7.5 HIGH |
| Compiler removal of buffer clearing in sli_se_sign_message in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | |||||
| CVE-2023-2481 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 7.5 HIGH |
| Compiler removal of buffer clearing in sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | |||||
| CVE-2023-0775 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 6.5 MEDIUM |
| An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service. | |||||
| CVE-2023-2686 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 9.8 CRITICAL |
| Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the stack. | |||||
| CVE-2023-1262 | 1 Silabs | 2 Wireless Smart Ubiquitous Network Linux Border Router, Wireless Smart Ubiquitous Network Linux Border Router Firmware | 2023-12-10 | N/A | 5.3 MEDIUM |
| Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier allows malicious node to route malicious messages through network. | |||||
| CVE-2023-0969 | 1 Silabs | 1 Z\/ip Gateway Sdk | 2023-12-10 | N/A | 3.5 LOW |
| A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory. | |||||
| CVE-2023-2687 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 3.3 LOW |
| Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap. | |||||
| CVE-2023-3110 | 1 Silabs | 1 Unify Software Development Kit | 2023-12-10 | N/A | 8.8 HIGH |
| Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution. | |||||
| CVE-2023-0971 | 1 Silabs | 1 Z\/ip Gateway Sdk | 2023-12-10 | N/A | 8.8 HIGH |
| A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered. | |||||
| CVE-2023-2747 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 5.5 MEDIUM |
| The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in the SE flash memory is uninitialized. | |||||
| CVE-2023-1132 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 7.5 HIGH |
| Compiler removal of buffer clearing in sli_se_driver_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | |||||
| CVE-2023-32100 | 1 Silabs | 1 Gecko Software Development Kit | 2023-12-10 | N/A | 7.5 HIGH |
| Compiler removal of buffer clearing in sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | |||||