Unrated severityNVD Advisory· Published Oct 26, 2023· Updated Sep 25, 2024

Keys Stored in Plaintext on Secure Vault High for Silabs Ember ZNet devices

CVE-2023-41096

Description

Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash.

This issue affects Silicon Labs Ember ZNet SDK: 7.3.1 and earlier.

Affected products

Silabs.com/Ember ZNet stackllm-fuzzy
Range: <=7.3.1
silabs.com/Ember ZNet SDKv5
Range: 7.3.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ZkKh7QAFmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000