136 matches found
CVE-2024-3017
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor RCP causes the OpenThread Border RouterOTBR application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service...
CVE-2023-41095
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM SecureVault High modules allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier...
CVE-2023-2626
There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...
CVE-2020-8916
A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver eg: debug environments can allow an attacker to crash the service DoS. We recommend updating, or to...
CVE-2019-20791
OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc...
PT-2025-19365 · Git +1 · Openthread
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software contains a stack-buffer-overflow read vulnerability. The crash state indicates the issue occurs within the Cli::Utils::OutputLine,...
MAL-2024-11652 Malicious code in otci-openthread (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in otci-openthread (PyPI)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-3017
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor RCP causes the OpenThread Border RouterOTBR application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service...
CVE-2024-3017
The CVE-2024-3017 entry describes a vulnerability in Silicon Labs multi-protocol gateway where a corrupt pointer to buffered data on the multi-protocol radio co-processor (RCP) can cause the OpenThread Border Router (OTBR) application task on the host to crash, enabling a temporary denial-of-serv...
CVE-2024-3017 Denial of service in multi-protocol gateway - Zigbee + Thread
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor RCP causes the OpenThread Border RouterOTBR application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service...
CVE-2024-3017 Denial of service in multi-protocol gateway - Zigbee + Thread
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor RCP causes the OpenThread Border RouterOTBR application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service...
CVE-2023-41095
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM SecureVault High modules allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier...
Design/Logic Flaw
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM SecureVault High modules allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier...
CVE-2023-41095
Silicon Labs OpenThread SDK (32-bit ARM, SecureVault High modules) is affected by CVE-2023-41095 due to missing encryption of security keys. The vulnerability could allow modification or extraction of network credentials stored in flash. Affected versions: 2.3.1 and earlier. Root cause: lack of e...
CVE-2023-41095 Keys Stored in Plaintext on Secure Vault High for Silabs OpenThread devices
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM SecureVault High modules allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier...
CVE-2023-41095 Keys Stored in Plaintext on Secure Vault High for Silabs OpenThread devices
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM SecureVault High modules allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier...
PT-2023-27781 · Silicon · Openthread Sdk
Name of the Vulnerable Software and Affected Versions: Silicon Labs OpenThread SDK versions 2.3.1 and earlier Description: The issue affects the Silicon Labs OpenThread SDK on 32-bit, ARM SecureVault High modules, allowing potential modification or extraction of network credentials stored in flas...
CVE-2023-2626
There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...
CVE-2023-2626
There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packe...