VYPR

LR11xx

by Semtech

CVEs (3)

  • CVE-2025-14859HigApr 7, 2026
    risk 0.46cvss epss 0.00

    The Semtech LR11xx LoRa transceivers implement secure boot functionality using digital signatures to authenticate firmware. However, the implementation uses a non-standard cryptographic hashing algorithm that is vulnerable to second preimage attacks. An attacker with physical…

  • CVE-2025-14857MedApr 7, 2026
    risk 0.35cvss epss 0.00

    An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical…

  • CVE-2025-14858MedApr 7, 2026
    risk 0.33cvss epss 0.00

    The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided…