Shodan
Vulnerabilities
Vulnerable Software
Silabs:  Security Vulnerabilities
CVE-2023-32100
Compiler removal of buffer clearing in sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-05-18
CVE-2023-0775
An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service.
CVSS Score
6.5
EPSS Score
0.0
Published
2023-03-28
CVE-2023-1261
Missing MAC layer security in Silicon Labs Wi-SUN SDK v1.5.0 and earlier allows malicious node to route malicious messages through network.
CVSS Score
8.2
EPSS Score
0.001
Published
2023-03-21
CVE-2023-1262
Missing MAC layer security in Silicon Labs Wi-SUN Linux Border Router v1.5.2 and earlier allows malicious node to route malicious messages through network.
CVSS Score
8.2
EPSS Score
0.001
Published
2023-03-21
CVE-2022-24939
 A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.
CVSS Score
5.7
EPSS Score
0.001
Published
2022-11-18
CVE-2022-24942
Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request.
CVSS Score
9.1
EPSS Score
0.044
Published
2022-11-15
CVE-2022-24937
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Silicon Labs Ember ZNet allows Overflow Buffers.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-11-14
CVE-2022-24938
A malformed packet causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the error.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-11-14
CVE-2022-24936
Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade.
CVSS Score
8.3
EPSS Score
0.002
Published
2022-11-02
CVE-2022-24611
Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-05-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved