Unrated severityNVD Advisory· Published Mar 24, 2026· Updated Mar 24, 2026
Command Execution vulnerability in Simplicity Installer
CVE-2025-11571
Description
Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can open executables. However, the commands cannot pass parameters or arguments. To successfully execute this attack, the attacker needs to be on the same network.
Affected products
2- silabs.com/Simplicity Installer tool (Silicon Labs Tool - SLT) for Simplicity Studio v6v5Range: 0
- silabs.com/Simplicity Studio v5v5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- community.silabs.com/068Vm00000htltZmitrepermissions-requiredvendor-advisory
News mentions
0No linked articles in our index yet.