Lucene search
+L

90 matches found

OSV
OSV
added 2024/02/23 8:15 p.m.6 views

CVE-2023-51394

High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash...

7.5CVSS5.8AI score0.00515EPSS
Exploits0References1
Prion
Prion
added 2024/02/23 8:15 p.m.17 views

Design/Logic Flaw

Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 delivered as part of Silicon Labs Gecko SDK v4.4.0 which may enable attackers to trigger a bus fault and crash of the device, requiring a...

5CVSS7AI score0.00515EPSS
Exploits0References1
Prion
Prion
added 2024/02/23 8:15 p.m.22 views

Null pointer dereference

High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash...

5CVSS7.1AI score0.00515EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/23 7:14 p.m.12 views

CVE-2023-51393 Potential DoS due to BusFault and Assert in Ember ZNet legacy packet buffer

Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 delivered as part of Silicon Labs Gecko SDK v4.4.0 which may enable attackers to trigger a bus fault and crash of the device, requiring a...

5.3CVSS5.2AI score0.00515EPSS
Exploits0References1
CVE
CVE
added 2024/02/23 7:14 p.m.97 views

CVE-2023-51393

CVE-2023-51393 affects Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered with Gecko SDK v4.4.0). The root cause is an allocation of resources without limits, causing uncontrolled resource consumption that can trigger a bus fault and crash the device, requiring a reboot to rejoin the networ...

7.5CVSS5.2AI score0.00515EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/02/23 7:13 p.m.95 views

CVE-2023-51394

CVE-2023-51394 affects Silicon Labs Ember ZNet SDK prior to v7.4.0. In high-traffic environments, a NULL pointer dereference can cause a system crash. The issue, per the CVE records, is tied to Ember ZNet SDK versions before 7.4.0, with a remediation path to update to 7.4.0 or later. Public docum...

7.5CVSS5.2AI score0.00515EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/02/23 5:15 p.m.14 views

CVE-2023-51392

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...

9.8CVSS6.4AI score0.00244EPSS
Exploits0References1
OSV
OSV
added 2024/02/23 5:15 p.m.5 views

CVE-2023-51392

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...

9.8CVSS5.8AI score0.00244EPSS
Exploits0References1
Prion
Prion
added 2024/02/23 5:15 p.m.16 views

Hardcoded credentials

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...

2.1CVSS7.4AI score0.00244EPSS
Exploits0References1
CVE
CVE
added 2024/02/23 4:12 p.m.82 views

CVE-2023-51392

Summary: CVE-2023-51392 affects Silicon Labs EmberZNet v7.2.0–v7.4.0 where software AES-CCM is used instead of hardware-accelerated cryptography, potentially enabling side-channel risks (electromagnetic and differential power analysis). The connected sources specify Ember ZNet and related advisor...

9.8CVSS6.4AI score0.00244EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/23 4:12 p.m.15 views

CVE-2023-51392 Silicon Labs EFR32xxx parts with classic key storage do not use hardware accelerated AES-CCM

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...

6.2CVSS7.2AI score0.00244EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/02/23 12:0 a.m.6 views

Silicon Labs Gecko SDK Security Vulnerability

The Silicon Labs Gecko SDK GSDK is an open source library from Silicon Labs. Combines the Silicon Labs Wireless Software Development Kit SDK and the Gecko platform into one integrated package. A security vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 that stems from an...

7.5CVSS6.7AI score0.00515EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/23 12:0 a.m.6 views

PT-2024-14105 · Ember · Ember Znet

Name of the Vulnerable Software and Affected Versions: Ember ZNet versions 7.2.0 through 7.4.0 Description: The issue is related to the use of software AES-CCM instead of integrated hardware cryptographic accelerators in Ember ZNet, potentially increasing the risk of electromagnetic and...

9.8CVSS6.8AI score0.00244EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/02/23 12:0 a.m.8 views

Silicon Labs Ember ZNet Code Issue Vulnerability

Silicon Labs Ember ZNet is a protocol stack software from Silicon Labs, Inc. A code issue vulnerability exists in Silicon Labs Ember ZNet SDK prior to version v7.4.0 that stems from the presence of a NULL pointer dereference, which may cause a system crash...

7.5CVSS7AI score0.00515EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/23 12:0 a.m.6 views

PT-2024-14107 · Silicon · Ember Znet Sdk

Name of the Vulnerable Software and Affected Versions: Ember ZNet SDK versions prior to 7.4.0 Description: High traffic environments may result in a NULL Pointer Dereference issue in Silicon Labs's Ember ZNet SDK, causing a system crash. Recommendations: For versions prior to 7.4.0, update to...

7.5CVSS5.2AI score0.00515EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/02/23 12:0 a.m.11 views

PT-2024-14106 · Silicon · Silicon Labs Ember Znet Sdk

Name of the Vulnerable Software and Affected Versions: Silicon Labs Ember ZNet SDK versions prior to 7.4.0.0 Description: An uncontrolled resource consumption issue exists due to the allocation of resources without limits. This may enable attackers to trigger a bus fault and crash of the device,...

7.5CVSS7.2AI score0.00515EPSS
Exploits0References4
NVD
NVD
added 2024/02/05 6:15 p.m.23 views

CVE-2023-6874

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

7.5CVSS7.4AI score0.00351EPSS
Exploits0References2
Prion
Prion
added 2024/02/05 6:15 p.m.16 views

Denial of service

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

5CVSS7AI score0.00351EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/05 5:39 p.m.21 views

CVE-2023-6874 Zigbee Unauthenticated DoS via NWK Sequence number manipulation

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

7.5CVSS6.8AI score0.00351EPSS
Exploits0References2
CVE
CVE
added 2024/02/05 5:39 p.m.58 views

CVE-2023-6874

CVE-2023-6874 affects Silicon Labs EmberZNet prior to version 7.4.0. The vulnerability arises from the ability to manipulate the NWK (network) sequence number, enabling a denial-of-service condition. Impact is limited to Ember ZNet components handling NWK sequencing in affected releases, with no ...

7.5CVSS7.3AI score0.00351EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder