Silabs Silabs

  1. Vendors
  2. Silabs
Do you want an email whenever new security vulnerabilities are reported in any Silabs product?

Products by Silabs Sorted by Most Security Vulnerabilities since 2018

Silabs Gecko Software Development Kit26 vulnerabilities

Silabs Zip Gateway Sdk5 vulnerabilities

Silabs 500 Series Firmware4 vulnerabilities

Silabs Emberznet3 vulnerabilities

Silabs Gecko Bootloader3 vulnerabilities

Silabs 700 Series Firmware2 vulnerabilities

Silabs Uzb 72 vulnerabilities

Silabs Micrium Uc Http2 vulnerabilities

Silabs 100 Series Firmware1 vulnerability

Silabs 300 Series Firmware1 vulnerability

Silabs Zigbee Emberznet1 vulnerability

Silabs Wi Sun Software Development Kit1 vulnerability

Silabs Unify Software Development Kit1 vulnerability

Silabs Uctcp Ip1 vulnerability

Silabs Openthread Sdk1 vulnerability

Silabs Micrium Os1 vulnerability

Silabs 200 Series Firmware1 vulnerability

Silabs Emberznet Sdk1 vulnerability

Silabs Bluetooth Low Energy Software Development Kit1 vulnerability

By the Year

In 2024 there have been 4 vulnerabilities in Silabs with an average score of 7.9 out of ten. Last year Silabs had 35 security vulnerabilities published. Right now, Silabs is on track to have less security vulnerabilities in 2024 than it did last year. Last year, the average CVE base score was greater by 0.01

Year Vulnerabilities Average Score
2024 4 7.90
2023 35 7.91
2022 12 7.68
2021 1 7.50
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Silabs vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Silabs Security Vulnerabilities

Prior to v7.4.0

CVE-2023-6874 7.5 - High - February 05, 2024

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number

Improper Check for Unusual or Exceptional Conditions

A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK

CVE-2023-6387 7.5 - High - February 02, 2024

A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution

Incorrect Calculation of Buffer Size

Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB

CVE-2023-5138 6.8 - Medium - January 03, 2024

Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except EFR32xG21B.

Missing Initialization of Resource

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK

CVE-2023-4280 9.8 - Critical - January 02, 2024

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially

CVE-2023-41097 7.5 - High - December 21, 2023

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0.

Side Channel Attack

An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation

CVE-2023-4020 9.1 - Critical - December 15, 2023

An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory.

The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier

CVE-2023-4489 9.8 - Critical - December 14, 2023

The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 key generated at startup predictable, potentially allowing network key prediction and unauthorized S0 network access.

Use of Uninitialized Resource

A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01

CVE-2023-28391 9.8 - Critical - November 14, 2023

A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.

Memory Corruption

A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01

CVE-2023-31247 9.8 - Critical - November 14, 2023

A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.

Memory Corruption

An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01

CVE-2023-24585 9.8 - Critical - November 14, 2023

An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.

Memory Corruption

A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01

CVE-2023-28379 9.8 - Critical - November 14, 2023

A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.

Memory Corruption

A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01

CVE-2023-27882 9.8 - Critical - November 14, 2023

A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.

Memory Corruption

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01

CVE-2023-25181 9.8 - Critical - November 14, 2023

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.

Memory Corruption

Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules)

CVE-2023-41095 9.1 - Critical - October 26, 2023

Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier.

Missing Encryption of Sensitive Data

Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules)

CVE-2023-41096 6.1 - Medium - October 26, 2023

Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs Ember ZNet SDK: 7.3.1 and earlier.

Missing Encryption of Sensitive Data

An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier

CVE-2023-3487 7.8 - High - October 20, 2023

An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots.

Integer Overflow or Wraparound

In Silicon Labs uC/TCP-IP 3.6.0

CVE-2020-27630 9.8 - Critical - October 10, 2023

In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.

Use of Insufficiently Random Values

TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may

CVE-2023-41094 9.8 - Critical - October 04, 2023

TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outside of valid TouchLink range or pairing duration This issue affects Ember ZNet 7.1.x from 7.1.3 through 7.1.5; 7.2.x from 7.2.0 through 7.2.3; Version 7.3 and later are unaffected

Operation on a Resource after Expiration or Release

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules)

CVE-2023-4041 9.8 - Critical - August 23, 2023

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader.

Memory Corruption

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier

CVE-2023-3488 5.5 - Medium - July 28, 2023

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file.

Use of Uninitialized Resource

Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier

CVE-2023-0972 8.8 - High - June 21, 2023

Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.

Buffer Overflow

Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier

CVE-2023-0970 6.8 - Medium - June 21, 2023

Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code.

Classic Buffer Overflow

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier

CVE-2023-0971 8.8 - High - June 21, 2023

A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered.

AuthZ

A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier

CVE-2023-0969 3.5 - Low - June 21, 2023

A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory.

Buffer Overflow

Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier

CVE-2023-3110 8.8 - High - June 21, 2023

Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.

Buffer Overflow

The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in the SE flash memory is uninitialized

CVE-2023-2747 5.5 - Medium - June 15, 2023

The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in the SE flash memory is uninitialized. 

Use of Uninitialized Resource

A memory leak in the EFR32 Bluetooth LE stack 5.1.0 through 5.1.1 allows an attacker to send an invalid pairing message

CVE-2023-2683 6.5 - Medium - June 15, 2023

A memory leak in the EFR32 Bluetooth LE stack 5.1.0 through 5.1.1 allows an attacker to send an invalid pairing message and cause future legitimate connection attempts to fail. A reset of the device immediately clears the error.

Resource Exhaustion

Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier

CVE-2023-2686 9.8 - Critical - June 15, 2023

Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the stack.

Classic Buffer Overflow

Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier

CVE-2023-2687 3.3 - Low - June 02, 2023

Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap.

Incorrect Calculation of Buffer Size

Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

CVE-2023-0965 7.5 - High - May 18, 2023

Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

Compiler removal of buffer clearing in sli_se_driver_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

CVE-2023-1132 7.5 - High - May 18, 2023

Compiler removal of buffer clearing in sli_se_driver_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

Compiler removal of buffer clearing in sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

CVE-2023-2481 7.5 - High - May 18, 2023

Compiler removal of buffer clearing in sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

Compiler removal of buffer clearing in sli_crypto_transparent_aead_encrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

CVE-2023-32096 7.5 - High - May 18, 2023

Compiler removal of buffer clearing in sli_crypto_transparent_aead_encrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

CVE-2023-32097 7.5 - High - May 18, 2023

Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

Compiler removal of buffer clearing in sli_se_sign_message in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

CVE-2023-32098 7.5 - High - May 18, 2023

Compiler removal of buffer clearing in sli_se_sign_message in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

Compiler removal of buffer clearing in sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

CVE-2023-32099 7.5 - High - May 18, 2023

Compiler removal of buffer clearing in sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

Compiler removal of buffer clearing in sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

CVE-2023-32100 7.5 - High - May 18, 2023

Compiler removal of buffer clearing in sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

An invalid prepare write request command

CVE-2023-0775 6.5 - Medium - March 28, 2023

An invalid prepare write request command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service.

Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and earlier

CVE-2023-1261 5.3 - Medium - March 21, 2023

Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and earlier allows malicious node to route malicious messages through network.

AuthZ

A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack

CVE-2022-24939 6.5 - Medium - November 18, 2022

A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.

Memory Corruption

Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01

CVE-2022-24942 9.8 - Critical - November 15, 2022

Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request.

Memory Corruption

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Silicon Labs Ember ZNet

CVE-2022-24937 9.8 - Critical - November 14, 2022

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Silicon Labs Ember ZNet allows Overflow Buffers.

Buffer Overflow

A malformed packet causes a stack overflow in the Ember ZNet stack

CVE-2022-24938 7.5 - High - November 14, 2022

A malformed packet causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.

Memory Corruption

Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier

CVE-2022-24936 9.1 - Critical - November 02, 2022

Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade.

Memory Corruption

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions Mem_DynPoolCreate

CVE-2021-27411 6.5 - Medium - May 03, 2022

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being allocated instead of very large ones.

Integer Overflow or Wraparound

Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service

CVE-2020-9061 6.5 - Medium - January 10, 2022

Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service via malformed routing messages.

Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames

CVE-2020-10137 6.5 - Medium - January 10, 2022

Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NODE_IN_RANGE frame with an invalid random payload, denying service by blocking the processing of upcoming events.

Insufficient Verification of Data Authenticity

Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption

CVE-2020-9057 8.8 - High - January 10, 2022

Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. An attacker can also capture and replay Z-Wave traffic. Firmware upgrades cannot directly address this vulnerability as it is an issue with the Z-Wave specification for these legacy chipsets. One way to protect against this vulnerability is to use 500 or 700 series chipsets that support Security 2 (S2) encryption. As examples, the Linear WADWAZ-1 version 3.43 and WAPIRZ-1 version 3.43 (with 300 series chipsets) are vulnerable.

Missing Encryption of Sensitive Data

Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation

CVE-2020-9058 8.1 - High - January 10, 2022

Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection.

Missing Encryption of Sensitive Data

Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion

CVE-2020-9059 6.5 - Medium - January 10, 2022

Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to uncontrolled resource consumption leading to battery exhaustion. As an example, the Schlage BE468 version 3.42 door lock is vulnerable and fails open at a low battery level.

Allocation of Resources Without Limits or Throttling

Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited to the ZooZ ZST10 version 6.04, ZooZ ZEN20 version 5.03, ZooZ ZEN25 version 5.03, Aeon Labs ZW090-A version 3.95, and Fibaro FGWPB-111 version 4.3, are susceptible to denial of service and resource exhaustion

CVE-2020-9060 6.5 - Medium - January 10, 2022

Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited to the ZooZ ZST10 version 6.04, ZooZ ZEN20 version 5.03, ZooZ ZEN25 version 5.03, Aeon Labs ZW090-A version 3.95, and Fibaro FGWPB-111 version 4.3, are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages.

Resource Exhaustion

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00

CVE-2020-13582 7.5 - High - January 26, 2021

A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.

NULL Pointer Dereference

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.