90 matches found
CVE-2023-51394
High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash...
Design/Logic Flaw
Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 delivered as part of Silicon Labs Gecko SDK v4.4.0 which may enable attackers to trigger a bus fault and crash of the device, requiring a...
Null pointer dereference
High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash...
CVE-2023-51393 Potential DoS due to BusFault and Assert in Ember ZNet legacy packet buffer
Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 delivered as part of Silicon Labs Gecko SDK v4.4.0 which may enable attackers to trigger a bus fault and crash of the device, requiring a...
CVE-2023-51393
CVE-2023-51393 affects Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered with Gecko SDK v4.4.0). The root cause is an allocation of resources without limits, causing uncontrolled resource consumption that can trigger a bus fault and crash the device, requiring a reboot to rejoin the networ...
CVE-2023-51394
CVE-2023-51394 affects Silicon Labs Ember ZNet SDK prior to v7.4.0. In high-traffic environments, a NULL pointer dereference can cause a system crash. The issue, per the CVE records, is tied to Ember ZNet SDK versions before 7.4.0, with a remediation path to update to 7.4.0 or later. Public docum...
CVE-2023-51392
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...
CVE-2023-51392
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...
Hardcoded credentials
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...
CVE-2023-51392
Summary: CVE-2023-51392 affects Silicon Labs EmberZNet v7.2.0–v7.4.0 where software AES-CCM is used instead of hardware-accelerated cryptography, potentially enabling side-channel risks (electromagnetic and differential power analysis). The connected sources specify Ember ZNet and related advisor...
CVE-2023-51392 Silicon Labs EFR32xxx parts with classic key storage do not use hardware accelerated AES-CCM
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...
Silicon Labs Gecko SDK Security Vulnerability
The Silicon Labs Gecko SDK GSDK is an open source library from Silicon Labs. Combines the Silicon Labs Wireless Software Development Kit SDK and the Gecko platform into one integrated package. A security vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 that stems from an...
PT-2024-14105 · Ember · Ember Znet
Name of the Vulnerable Software and Affected Versions: Ember ZNet versions 7.2.0 through 7.4.0 Description: The issue is related to the use of software AES-CCM instead of integrated hardware cryptographic accelerators in Ember ZNet, potentially increasing the risk of electromagnetic and...
Silicon Labs Ember ZNet Code Issue Vulnerability
Silicon Labs Ember ZNet is a protocol stack software from Silicon Labs, Inc. A code issue vulnerability exists in Silicon Labs Ember ZNet SDK prior to version v7.4.0 that stems from the presence of a NULL pointer dereference, which may cause a system crash...
PT-2024-14107 · Silicon · Ember Znet Sdk
Name of the Vulnerable Software and Affected Versions: Ember ZNet SDK versions prior to 7.4.0 Description: High traffic environments may result in a NULL Pointer Dereference issue in Silicon Labs's Ember ZNet SDK, causing a system crash. Recommendations: For versions prior to 7.4.0, update to...
PT-2024-14106 · Silicon · Silicon Labs Ember Znet Sdk
Name of the Vulnerable Software and Affected Versions: Silicon Labs Ember ZNet SDK versions prior to 7.4.0.0 Description: An uncontrolled resource consumption issue exists due to the allocation of resources without limits. This may enable attackers to trigger a bus fault and crash of the device,...
CVE-2023-6874
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...
Denial of service
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...
CVE-2023-6874 Zigbee Unauthenticated DoS via NWK Sequence number manipulation
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...
CVE-2023-6874
CVE-2023-6874 affects Silicon Labs EmberZNet prior to version 7.4.0. The vulnerability arises from the ability to manipulate the NWK (network) sequence number, enabling a denial-of-service condition. Impact is limited to Ember ZNet components handling NWK sequencing in affected releases, with no ...