CVE-2023-6640— Silicon Labs PC Controller v5.54.0 and Earlier Denial of Service Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-6640
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Silicon Labs PC Controller v5.54.0 and Earlier Denial of Service Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and earlier.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
未捕获的异常
Source: NVD (National Vulnerability Database)
Vulnerability Title
Silicon Labs PC Controller 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Silicon Labs PC Controller是美国芯科科技(Silicon Labs)公司的一款用于Z-Wave网络的安装和维护工具,允许开发人员在PC上管理Z-Wave设备,进行网络配置、故障排除和监控。 Silicon Labs PC Controller v5.54.0及之前版本存在安全漏洞,该漏洞源于格式错误的 S2 Nonce Get 命令类数据包可能会导致 PC Controller 崩溃。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| silabs.com | PC Controller | 0 ~ 5.54.0 | - |
II. Public POCs for CVE-2023-6640
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-6640
请登录查看更多情报信息。
Same Patch Batch · silabs.com · 2024-02-21 · 3 CVEs total
| CVE-2024-22473 | 6.8 MEDIUM | Uninitialized TRNG used for ECDSA after EM2/EM3 sleep for VSE devices |
| CVE-2023-6533 | 6.5 MEDIUM | Silicon Labs PC Controller Denial of Service Vulnerability |
IV. Related Vulnerabilities
Same vendor: silabs.com
- CVE-2025-11571
Command Execution vulnerability in Simplicity Installer - CVE-2025-14055
Integer underflow in Secure NCP host - CVE-2025-14547
ECJ-PAKE Integer Underflow Vulnerability in Silicon Labs PSA - CVE-2026-0619
Integer Wraparound DoS in Silicon Labs Matter Implementation - CVE-2025-11004
Reflected XSS vulnerability in Simplicity Device Manager too
Same weakness: CWE-248
- CVE-2026-41585
ZEBRA: Denial of Service via Interrupted JSON-RPC Requests f - CVE-2026-7183
aligungr UERANSIM Radio Link Simulation Layer rls_pdu.cpp De - CVE-2026-5937
Foxit PDF Editor/Reader's insufficient parameter validation - CVE-2026-35348
uutils coreutils sort Local Denial of Service via Forced UTF - CVE-2026-34944
Wasmtime segfault or unused out-of-sandbox load with `f64x2.
V. Comments for CVE-2023-6640
No comments yet