VYPR
Unrated severityNVD Advisory· Published Dec 14, 2023· Updated May 21, 2025

Z/IP Gateway Use of Uninitialized PRNG when Generating S0 Encryption Key

CVE-2023-4489

Description

The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Abb/IP Gatewayllm-fuzzy
    Range: <=SDK v7.18.3
  • silabs.com/Z/IP Gateway SDKv5
    Range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.