CVE-2026-47145

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can trigger asserts that terminate the process. The issue affects devices that already joined the network and that support the Color Control cluster. The problem is caused by malformed Color Control messages and results in an appli...

CVE-2026-47145 Color Control hue/saturation assertion abort in EmberZNet v9.0.2

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted...

CVE-2026-4526

EmberZNet v9.0.2 and earlier has a vulnerability in the global ZCL command parser due to missing minimum-length validation, which can cause out-of-bounds reads in the framework parsing logic and terminate the process. The issue requires messages to originate from a device that has already joined ...

CVE-2026-4526 Global ZCL command parser missing minimum-length validation in EmberZNet v9.0.2

In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework parsing logic and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed...

PT-2026-52400

Name of the Vulnerable Software and Affected Versions EmberZNet versions prior to 9.0.3 Description Malformed Over-the-Air OTA requests can cause the OTA server parser to perform out-of-bounds reads, which occurs when the software reads data outside the intended boundary of a buffer. This allows ...

PT-2026-52404

Name of the Vulnerable Software and Affected Versions EmberZNet versions prior to 9.0.3 Description Malformed ClearWeekdaySchedule messages can trigger out-of-bounds writes into the Door Lock schedule state. This issue affects only devices that support the Door Lock cluster and requires the...

CVE-2025-1394

The Ember ZNet stack’s packet buffer manager may read out of bound memory leading to an assert, causing a Denial of Service DoS...

EUVD-2025-23150

Malicious code in bioql PyPI...

EUVD-2025-23149

Malicious code in bioql PyPI...

CVE-2025-1221

A Zigbee Radio Co-Processor RCP, which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system CPCd due to heavy Zigbee traffic, resulting in a Denial of Service DoS attack, Only hard reset will bring the device to normal operation...

CVE-2025-1394

The Ember ZNet stack’s packet buffer manager may read out of bound memory leading to an assert, causing a Denial of Service DoS...

CVE-2025-1221

A Zigbee Radio Co-Processor RCP, which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system CPCd due to heavy Zigbee traffic, resulting in a Denial of Service DoS attack, Only hard reset will bring the device to normal operation...

CVE-2025-1394 Denial of Service (DoS) vulnerabilitiey in Zigbee library

The Ember ZNet stack’s packet buffer manager may read out of bound memory leading to an assert, causing a Denial of Service DoS...

CVE-2025-1394 Denial of Service (DoS) vulnerabilitiey in Zigbee library

The Ember ZNet stack’s packet buffer manager may read out of bound memory leading to an assert, causing a Denial of Service DoS...

CVE-2025-1221

CVE-2025-1221 affects Zigbee Radio Co-Processors using Silicon Labs EmberZNet Zigbee stack. The issue arises from heavy Zigbee traffic that prevents messages from being sent to the host system (CPCd), causing a Denial of Service. Practical impact is DoS with normal operation only restored by a ha...

CVE-2025-1221 DoS in Zigbee device due to heavy traffic

A Zigbee Radio Co-Processor RCP, which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system CPCd due to heavy Zigbee traffic, resulting in a Denial of Service DoS attack, Only hard reset will bring the device to normal operation...

CVE-2025-1221 DoS in Zigbee device due to heavy traffic

A Zigbee Radio Co-Processor RCP, which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system CPCd due to heavy Zigbee traffic, resulting in a Denial of Service DoS attack, Only hard reset will bring the device to normal operation...

Silicon Labs Zigbee EmberZNet SDK 安全漏洞

Silicon Labs Zigbee EmberZNet SDK is a software development kit for developing Zigbee networks from Silicon Labs, Inc. A security vulnerability exists in the Silicon Labs Zigbee EmberZNet SDK that stems from improper handling of buffer management API error states, which could lead to a data...

Silicon Labs Zigbee EmberZNet SDK 安全漏洞

Silicon Labs Zigbee EmberZNet SDK is a software development kit for developing Zigbee networks from Silicon Labs, Inc. A security vulnerability exists in the Silicon Labs Zigbee EmberZNet SDK that stems from high traffic resulting in a message delivery failure that could lead to a denial of servi...

PT-2025-31377 · Silicon · Ember Znet

Name of the Vulnerable Software and Affected Versions: SiLabs EmberZNet Zigbee stack affected versions not specified Description: A Zigbee Radio Co-Processor RCP using the SiLabs EmberZNet Zigbee stack was unable to send messages to the host system CPCd due to heavy Zigbee traffic. This resulted ...