Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

silabs.com — Vulnerabilities & Security Advisories 86

Browse all 86 CVE security advisories affecting silabs.com. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Silicon Labs operates as a semiconductor provider specializing in wireless connectivity solutions, including Bluetooth, Zigbee, and Wi-Fi modules for IoT and industrial applications. Its software stack, particularly the Simplicity Studio IDE and associated device drivers, has historically been susceptible to critical vulnerabilities, with 86 CVEs currently recorded. Common flaw categories include remote code execution (RCE), buffer overflows, and improper access controls, often stemming from complex embedded codebases and third-party library integrations. Notable incidents involve exploitable flaws in wireless protocol implementations that could allow attackers to disrupt device functionality or gain unauthorized system access. The high volume of vulnerabilities reflects the intricate nature of firmware development and the extensive attack surface presented by interconnected smart devices. Security updates are frequently released to mitigate these risks, emphasizing the need for rigorous patch management in environments utilizing Silicon Labs hardware and software components.

Top products by silabs.com: GSDK Gecko Platform Ember ZNet SDK Simplicity SDK Gecko SDK RS9116 Bluetooth SDK SiSDK Z/IP Gateway SDK Ember ZNet PC Controller Gecko Bootloader OpenThread Series 2 SoCs and associated modules Simplicity Studio v5 WiseConnect Zigbee Zigbee Stack Silicon Labs IDE (8-bit) Wi-SUN Stack Silicon Labs Z-Wave SDK RS9116W Simplicity Studio V6 Z-Wave Protocol Controller Silicon Labs Zigbee Stack Simplicity Device Manager Silicon Labs Matter Simplicity SDK, Gecko SDK USBXpress Dev Kit Wi-SUN SDK Wi-SUN Linux Border Router
CVE IDTitleCVSSSeverityPublished
CVE-2025-11571 Command Execution vulnerability in Simplicity Installer — Simplicity Studio v5CWE-78 7.5 -2026-03-24
CVE-2025-14055 Integer underflow in Secure NCP host — Simplicity SDK, Gecko SDKCWE-191 7.5AIHighAI2026-02-20
CVE-2025-14547 ECJ-PAKE Integer Underflow Vulnerability in Silicon Labs PSA Crypto and SE Manager APIs — Simplicity SDKCWE-191 7.5AIHighAI2026-02-20
CVE-2026-0619 Integer Wraparound DoS in Silicon Labs Matter Implementation — Silicon Labs MatterCWE-190 7.5AIHighAI2026-02-12
CVE-2025-11004 Reflected XSS vulnerability in Simplicity Device Manager tool — Simplicity Device ManagerCWE-79 6.3AIMediumAI2026-02-10
CVE-2025-7432 DPA countermeasures not reseeded under certain conditions — Simplicity SDKCWE-331 6.5AIMediumAI2026-02-09
CVE-2025-12131 Truncated 802.15.4 packet leads to denial of service — Simplicity SDKCWE-20 6.5AIMediumAI2026-02-05
CVE-2025-7964 Zigbee Router Denial of Service — Silicon Labs Zigbee StackCWE-229--AI2026-01-30
CVE-2025-10933 Silicon Labs Z-Wave Protocol Controller Integer underflow vulnerability leads to out of bounds read — Z-Wave Protocol ControllerCWE-125 9.1 -2026-01-05
CVE-2025-12986 Denial of Service Vulnerability in Silicon Labs WF200 and WGM160P Devices — Gecko SDKCWE-410 7.5AIHighAI2025-12-04
CVE-2025-10285 Simplcity Device Manager exposes NTLMv2 hash — Simplicity Studio V6CWE-200 7.5AIHighAI2025-12-04
CVE-2025-4321 DoS in RS9116W-WiSeConnect L2CAP protocol due to reception of malformed packets — RS9116WCWE-240 6.5AIMediumAI2025-11-17
CVE-2025-10693 Silicon Labs Z-Wave PIR Sensor Joins Network as Non-Secure — Silicon Labs Z-Wave SDKCWE-757 6.5 -2025-10-31
CVE-2025-8414 Zigbee Green Power Host Buffer Overflow Vulnerability — Simplicity SDKCWE-20 9.8AICriticalAI2025-10-17
CVE-2025-7448 Man in the middle (MitM) attack vulnerability in Wi-SUN library — Wi-SUN StackCWE-290 5.9 -2025-09-12
CVE-2025-1394 Denial of Service (DoS) vulnerabilitiey in Zigbee library — Zigbee StackCWE-252 9.1AICriticalAI2025-07-30
CVE-2025-1221 DoS in Zigbee device due to heavy traffic — ZigbeeCWE-667 7.5AIHighAI2025-07-30
CVE-2025-2329 High traffic causes corrupt SPI packets in OpenThread leading to denial of service — OpenThreadCWE-908 7.5 -2025-07-25
CVE-2025-3873 Buffer overflow in Si91x crypto APIs — WiseConnectCWE-787 9.8 -2025-07-25
CVE-2025-3301 DPA Countermeasures Unavailable for Certain Cryptographic Operations on Series 2 Devices — Series 2 SoCs and associated modulesCWE-1255 7.5AIHighAI2025-04-29
CVE-2024-6351 Malformed packet leads to denial of service in NWK/APS layer — SiSDKCWE-120 4.3 Medium2025-01-28
CVE-2024-9499 Uncontrolled search path can lead to DLL hijacking in USBXpress Win 98SE Dev Kit installer — USBXpress Win 98SE Dev KitCWE-427 8.6 High2025-01-24
CVE-2024-9498 Uncontrolled search path can lead to DLL hijacking in USBXpress SDK installer — USBXpress SDKCWE-427 8.6 High2025-01-24
CVE-2024-9497 Uncontrolled search path can lead to DLL hijacking in USBXpress 4 SDK installer — USBXpress 4 SDKCWE-427 8.6 High2025-01-24
CVE-2024-9496 Uncontrolled search path can lead to DLL hijacking in USBXpress Dev Kit installer — USBXpress Dev KitCWE-427 8.6 High2025-01-24
CVE-2024-9495 Uncontrolled search path can lead to DLL hijacking in CP210x VCP Windows installer — CP210x VCP WindowsCWE-427 8.6 High2025-01-24
CVE-2024-9494 Uncontrolled search path can lead to DLL hijacking in CP210 VCP Win 2k installer — CP210 VCP Win 2kCWE-427 8.6 High2025-01-24
CVE-2024-9493 Uncontrolled search path can lead to DLL hijacking in ToolStick installer — ToolStickCWE-427 8.6 High2025-01-24
CVE-2024-9492 Uncontrolled search path can lead to DLL hijacking in Flash Programming Utility installer — Flash Programming UtilityCWE-427 8.6 High2025-01-24
CVE-2024-9491 Uncontrolled search path can lead to DLL hijacking in Configuration Wizard 2 installer — Configuration Wizard 2CWE-427 8.6 High2025-01-24

This page lists every published CVE security advisory associated with silabs.com. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.