CVE-2025-10693— Silicon Labs Z-Wave PIR Sensor Joins Network as Non-Secure
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-10693
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Silicon Labs Z-Wave PIR Sensor Joins Network as Non-Secure
Source: NVD (National Vulnerability Database)
Vulnerability Description
When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will join the network as a non-secure device. This vulnerability exists in Silicon Labs' Z-Wave PIR Sensor Reference design delivered as part of SiSDK v2025.6.0 and v2025.6.1.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
在会话协商时选择低安全性的算法(算法降级)
Source: NVD (National Vulnerability Database)
Vulnerability Title
SiLabs Silicon Labs Z-Wave SDK 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SiLabs Silicon Labs Z-Wave SDK是美国SiLabs公司的一个开发套件。 SiLabs Silicon Labs Z-Wave SDK v2025.6.0版本和v2025.6.1版本存在安全漏洞,该漏洞源于SmartStart Inclusion失败时设备以非安全方式加入网络。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| silabs.com | Silicon Labs Z-Wave SDK | 2025.6.0 ~ 2025.6.1 | - |
II. Public POCs for CVE-2025-10693
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-10693
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: silabs.com
- CVE-2025-14972
Insufficient DPA countermeasure reseeding - CVE-2025-11571
Command Execution vulnerability in Simplicity Installer - CVE-2025-14055
Integer underflow in Secure NCP host - CVE-2025-14547
ECJ-PAKE Integer Underflow Vulnerability in Silicon Labs PSA - CVE-2026-0619
Integer Wraparound DoS in Silicon Labs Matter Implementation
Same weakness: CWE-757
- CVE-2026-1677
net: TLS 1.2 connections allowed on TLS 1.3 sockets - CVE-2026-6550
Key commitment policy bypass via shared key cache in AWS Enc - CVE-2026-32650
Anviz CrossChex Standard Algorithm Downgrade - CVE-2026-2673
OpenSSL TLS 1.3 server may choose unexpected key agreement g - CVE-2025-59270
psPAS does not enforce TLS 1.2 within Get-PASSAMLResponse
V. Comments for CVE-2025-10693
No comments yet