Silabs.com

All CVEs

113 total · sorted by risk
  • CVE-2025-8414 · Critical · Oct 17, 2025
    risk 0.61 · cvss · epss 0.00

    Due to improper input validation, a buffer overflow vulnerability is present in Zigbee EZSP Host Applications. If the buffer overflows, stack corruption is possible. In certain conditions, this could lead to arbitrary code execution. Access to a network key is required to…

  • CVE-2023-51395 · High · Mar 7, 2024
    risk 0.57 · cvss 8.8 · epss 0.00

    The vulnerability described by CVE-2023-0972 has been additionally discovered in Silicon Labs Z-Wave end devices. This vulnerability may allow an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.

  • CVE-2024-9499 · High · Jan 24, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Win 98SE Dev Kit installer, can lead to privilege escalation and arbitrary code execution when running the impacted installer.

  • CVE-2024-9498 · High · Jan 24, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress SDK installer, can lead to privilege escalation and arbitrary code execution when running the impacted installer.

  • CVE-2024-9497 · High · Jan 24, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress 4 SDK installer, can lead to privilege escalation and arbitrary code execution when running the impacted installer.

  • CVE-2024-9496 · High · Jan 24, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Dev Kit installer, can lead to privilege escalation and arbitrary code execution when running the impacted installer.

  • CVE-2024-9495 · High · Jan 24, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    DLL hijacking vulnerabilities, caused by an uncontrolled search path in the CP210x VCP Windows installer, can lead to privilege escalation and arbitrary code execution when running the impacted installer.

  • CVE-2024-9494 · High · Jan 24, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    DLL hijacking vulnerabilities, caused by an uncontrolled search path in the CP210 VCP Win 2k installer, can lead to privilege escalation and arbitrary code execution when running the impacted installer.

  • CVE-2024-9493 · High · Jan 24, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    DLL hijacking vulnerabilities, caused by an uncontrolled search path in the ToolStick installer, can lead to privilege escalation and arbitrary code execution when running the impacted installer.

  • CVE-2024-9492 · High · Jan 24, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    DLL hijacking vulnerabilities, caused by an uncontrolled search path in the Flash Programming Utility installer, can lead to privilege escalation and arbitrary code execution when running the impacted installer.

  • CVE-2024-9491 · High · Jan 24, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    DLL hijacking vulnerabilities, caused by an uncontrolled search path in the Configuration Wizard 2 installer, can lead to privilege escalation and arbitrary code execution when running the impacted installer.

  • CVE-2024-9490 · High · Jan 24, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    DLL hijacking vulnerabilities, caused by an uncontrolled search path in the Silicon Labs (8-bit) IDE installer, can lead to privilege escalation and arbitrary code execution when running the impacted installer.

  • CVE-2024-22472 · High · May 7, 2024
    risk 0.53 · cvss 8.1 · epss 0.01

    A buffer overflow vulnerability in Silicon Labs 500 Series Z-Wave devices may allow denial of service and potential remote code execution. This issue affects all versions of Silicon Labs 500 Series SDK prior to v6.85.2 running on Silicon Labs 500 Series Z-Wave devices.

  • CVE-2025-11004 · High · Feb 10, 2026
    risk 0.49 · cvss · epss 0.00

    The Simplicity Device Manager Tool has a reflected cross-site scripting (XSS) vulnerability in several API endpoints. The attacker needs to be on the same network to execute this attack. These APIs can affect confidentiality, integrity, and availability of the system that has…

  • CVE-2025-10693 · High · Oct 31, 2025
    risk 0.49 · cvss · epss 0.00

    When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will join the network as a non-secure device. This vulnerability exists in Silicon Labs' Z-Wave PIR Sensor Reference design delivered as part of SiSDK v2025.6.0 and v2025.6.1.

  • CVE-2024-8361 · High · Jan 7, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, which subsequently causes a Denial of Service (DoS). If a watchdog is implemented, the device will restart after the watchdog expires. If…

  • CVE-2024-3043 · High · Jun 27, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee nodes to change their network identifier (PAN ID), leading to a denial of service. This packet type is not useful in production and should be used only for PHY qualification.

  • CVE-2023-51391 · High · Apr 16, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing, potentially allowing a device crash and Denial of Service.

  • CVE-2026-3290 · High · May 14, 2026
    risk 0.48 · cvss · epss 0.00

    Timing limitations of the HRNG in RS9116 when power save mode is enabled result in predictable values.

  • CVE-2025-10285 · High · Dec 4, 2025
    risk 0.48 · cvss · epss 0.00

    The web interface of the Silicon Labs Simplicity Device Manager is exposed publicly and can be used to extract the NTLMv2 hash which an attacker could use to crack the user's domain password.

  • CVE-2025-4321 · High · Nov 17, 2025
    risk 0.46 · cvss · epss 0.00

    A Bluetooth device using the RS9116-WiseConnect SDK experiences a Denial of Service if it receives malformed L2CAP packets. Only a hard reset will bring the device to normal operation.

  • CVE-2024-3017 · Medium · Jun 27, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor (RCP) causes the OpenThread Border Router (OTBR) application task running on the host platform to crash, allowing an attacker to cause a temporary…

  • CVE-2026-0619 · Medium · Feb 12, 2026
    risk 0.39 · cvss · epss 0.00

    A reachable infinite loop via an integer wraparound is present in Silicon Labs' Matter SDK which allows an attacker to trigger a denial of service. A hard reset is required to recover the device.

  • CVE-2025-12986 · Medium · Dec 4, 2025
    risk 0.39 · cvss · epss 0.00

    When a WF200/WGM160P device is configured to operate as an Access Point, it may be vulnerable to a denial of service triggered by a malformed packet. The device may recover automatically or require a hard reset.

  • CVE-2025-3873 · Medium · Jul 25, 2025
    risk 0.39 · cvss · epss 0.00

    The following APIs for the Silicon Labs SiWx91x prior to version 3.4.0 failed to check the size of the caller's output buffer, which could lead to data corruption on the host (Cortex-M4) application: sl_si91x_aes, sl_si91x_gcm, sl_si91x_ccm, sl_si91x_sha.

  • CVE-2025-1394 · Medium · Jul 30, 2025
    risk 0.38 · cvss · epss 0.00

    The Ember ZNet stack's packet buffer manager may read out-of-bounds memory, leading to an assert and causing a Denial of Service (DoS).

  • CVE-2025-1221 · Medium · Jul 30, 2025
    risk 0.38 · cvss · epss 0.00

    A Zigbee Radio Co-Processor (RCP) using the SiLabs EmberZNet Zigbee stack was unable to send messages to the host system (CPCd) due to heavy Zigbee traffic, resulting in a Denial of Service (DoS). Only a hard reset will bring the device to normal operation.

  • CVE-2024-4013 · Medium · Jun 6, 2024
    risk 0.36 · cvss 5.6 · epss 0.00

    A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection List (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity…

  • CVE-2025-10933 · Medium · Jan 5, 2026
    risk 0.34 · cvss · epss 0.00

    An integer underflow vulnerability in the Silicon Labs Z-Wave Protocol Controller can lead to out of bounds memory reads.

  • CVE-2025-2329 · Medium · Jul 25, 2025
    risk 0.34 · cvss · epss 0.00

    In high traffic environments, a Silicon Labs OpenThread RCP (see impacted versions) fails to clear the SPI transmit buffer and may send a corrupt packet over SPI to its host, causing the host to reset the RCP, which results in a denial of service.

  • CVE-2024-6351 · Medium · Jan 28, 2025
    risk 0.28 · cvss 4.3 · epss 0.00

    A malformed packet can cause a buffer overflow in the NWK/APS layer of the Ember ZNet stack and lead to an assert.

  • CVE-2024-6352 · Medium · Jan 13, 2025
    risk 0.28 · cvss 4.3 · epss 0.00

    A malformed packet can cause a buffer overflow in the APS layer of the Ember ZNet stack and lead to an assert.

  • CVE-2024-9055 · Medium · Mar 17, 2025
    risk 0.27 · cvss 4.2 · epss 0.00

    The DPA countermeasures on Silicon Labs' Series 2 devices are not reseeded periodically as they should be. This may allow an attacker to eventually extract secret keys through a DPA attack.

  • CVE-2025-14055 · Low · Feb 20, 2026
    risk 0.16 · cvss · epss 0.00

    An integer underflow vulnerability in Silicon Labs Secure NCP host implementation allows a buffer overread via a specially crafted packet.

  • CVE-2025-14547 · Low · Feb 20, 2026
    risk 0.15 · cvss · epss 0.00

    An integer underflow vulnerability is present in Silicon Labs' implementation of PSA Crypto and SE Manager EC-JPAKE APIs during ZKP parsing. Triggering the underflow can lead to a hard fault, causing a temporary denial of service.

  • CVE-2024-12975 · Low · Mar 7, 2025
    risk 0.07 · cvss · epss 0.00

    A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.

  • CVE-2022-24942 · Nov 2, 2022
    risk 0.01 · cvss · epss 0.02

    Heap-based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request.

  • CVE-2020-15531 · Aug 19, 2020
    risk 0.01 · cvss · epss 0.03

    Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overflow via packet data. This is an over-the-air remote code execution vulnerability in Bluetooth LE in EFR32 SoCs and associated modules running Bluetooth SDK, supporting Central or Observer roles.

  • CVE-2025-12131 · Feb 5, 2026
    risk 0.00 · cvss · epss 0.00

    A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service.

  • CVE-2025-2838 · Mar 26, 2025
    risk 0.00 · cvss · epss 0.00

    Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit…

  • CVE-2025-2837 · Mar 26, 2025
    risk 0.00 · cvss · epss 0.00

    Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to…

  • CVE-2024-23937 · Jan 31, 2025
    risk 0.00 · cvss · epss 0.00

    This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the debug interface. The issue results from…

  • CVE-2024-23973 · Jan 30, 2025
    risk 0.00 · cvss · epss 0.01

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP GET requests. The issue…

  • CVE-2024-24731 · Jan 30, 2025
    risk 0.00 · cvss · epss 0.00

    This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the http_download command. The…

  • CVE-2024-50924 · Dec 10, 2024
    risk 0.00 · cvss · epss 0.00

    Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to disrupt communications between the controller and the device itself via repeatedly sending crafted packets to the controller.

  • CVE-2024-50931 · Dec 10, 2024
    risk 0.00 · cvss · epss 0.00

    Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insecure permissions.

  • CVE-2024-50928 · Dec 10, 2024
    risk 0.00 · cvss · epss 0.00

    Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to change the wakeup interval of end devices in controller memory, disrupting the device's communications with the controller.

  • CVE-2024-50920 · Dec 10, 2024
    risk 0.00 · cvss · epss 0.00

    Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to create a fake node via supplying crafted packets.

  • CVE-2024-50921 · Dec 10, 2024
    risk 0.00 · cvss · epss 0.00

    Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to cause a Denial of Service (DoS) via repeatedly sending crafted packets to the controller.

  • CVE-2024-50930 · Dec 10, 2024
    risk 0.00 · cvss · epss 0.00

    An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to execute arbitrary code.

Page 1 of 3