silabs.com — Vulnerabilities & Security Advisories (86)

Browse all 86 CVE security advisories affecting silabs.com. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Silicon Labs operates as a semiconductor provider specializing in wireless connectivity solutions, including Bluetooth, Zigbee, and Wi-Fi modules for IoT and industrial applications. Its software stack, particularly the Simplicity Studio IDE and associated device drivers, has historically been susceptible to critical vulnerabilities, with 86 CVEs currently recorded. Common flaw categories include remote code execution (RCE), buffer overflows, and improper access controls, often stemming from complex embedded codebases and third-party library integrations. Notable incidents involve exploitable flaws in wireless protocol implementations that could allow attackers to disrupt device functionality or gain unauthorized system access. The high volume of vulnerabilities reflects the intricate nature of firmware development and the extensive attack surface presented by interconnected smart devices. Security updates are frequently released to mitigate these risks, emphasizing the need for rigorous patch management in environments utilizing Silicon Labs hardware and software components.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2024-9490 | Uncontrolled search path can lead to DLL hijacking in Silicon Labs IDE installer | Silicon Labs IDE (8-bit) | CWE-427 | 8.6 | High | 2025-01-24 |
| CVE-2024-7322 | Dos in ZigBee device due to unsolicited encrypted rejoin response | EmberZNet | CWE-940 | 5.8 | Medium | 2025-01-15 |
| CVE-2024-6352 | Malformed packet leads to denial of service in APS layer | SiSDK | CWE-120 | 4.3 | Medium | 2025-01-13 |
| CVE-2024-10106 | Ember ZNet buffer overflow in 'packet handoff' plugin | Ember ZNet SDK | | 3.7 | Low | 2025-01-09 |
| CVE-2024-6350 | EmberZNet malformed MAC layer packet leads to denial of service | Simplicity SDK | CWE-120 | 6.5 | Medium | 2025-01-08 |
| CVE-2024-8361 | DoS caused due to wrong hash length returned for SHA2/224 algorithm | WiSeConnect SDK | CWE-131 | 7.5 | High | 2025-01-07 |
| CVE-2024-7139 | Denial of Service in Silicon Labs RS9116 Bluetooth SDK | RS9116 Bluetooth SDK | CWE-787 | 6.5 | Medium | 2024-12-19 |
| CVE-2024-7138 | Denial of Service in Silicon Labs RS9116 Bluetooth SDK | RS9116 Bluetooth SDK | CWE-617 | 6.5 | Medium | 2024-12-19 |
| CVE-2024-7137 | Denial of Service in Silicon Labs RS9116 Bluetooth SDK | RS9116 Bluetooth SDK | CWE-787 | 6.5 | Medium | 2024-12-19 |
| CVE-2024-6657 | BLE peripheral DoS after few cycles of connect/disconnects | EFR32 BLE SDK | CWE-821 | 6.5 | Medium | 2024-10-11 |
| CVE-2024-2502 | Failure to update the tamper reset cause register when a tamper event occurs | SE Firmware | CWE-754 | 2.0 | Low | 2024-08-29 |
| CVE-2024-3017 | Denial of service in multi-protocol gateway - Zigbee + Thread | SiSDK | CWE-125 | 6.5 | Medium | 2024-06-27 |
| CVE-2024-3043 | Zigbee co-ordinator realignment packet may lead to denial of service | Ember ZNet SDK | CWE-829 | 7.5 | High | 2024-06-27 |
| CVE-2024-4013 | Failure to update BT Mesh Replay Protection List | Gecko SDK | CWE-404 | 5.6 | Medium | 2024-06-06 |
| CVE-2024-3052 | Z/IP Gateway S2 Nonce Get Denial of Service Vulnerability | Z/IP Gateway SDK | CWE-248 | 7.5 | High | 2024-04-26 |
| CVE-2024-3051 | Z/IP Gateway Device Reset Locally Denial of Service Vulnerability | Z/IP Gateway SDK | CWE-248 | 7.5 | High | 2024-04-26 |
| CVE-2023-51391 | Micrium OS Network uC-HTTP server header parsing invalid pointer dereference vulnerability | | CWE-476 | 7.5 | High | 2024-04-16 |
| CVE-2023-51393 | Potential DoS due to BusFault and Assert in Ember ZNet legacy packet buffer | Ember ZNet SDK | CWE-770 | 5.3 | Medium | 2024-02-23 |
| CVE-2023-51394 | Potential DoS for EFR32xxx parts in high traffic environments due to null buffer dereference / crash | Ember ZNet SDK | CWE-476 | 5.3 | Medium | 2024-02-23 |
| CVE-2023-51392 | Silicon Labs EFR32xxx parts with classic key storage do not use hardware accelerated AES-CCM | Ember ZNet SDK | CWE-1240 | 6.2 | Medium | 2024-02-23 |
| CVE-2023-6640 | Silicon Labs PC Controller v5.54.0 and Earlier Denial of Service Vulnerability | PC Controller | CWE-248 | 6.5 | Medium | 2024-02-21 |
| CVE-2023-6533 | Silicon Labs PC Controller Denial of Service Vulnerability | PC Controller | CWE-248 | 6.5 | Medium | 2024-02-21 |
| CVE-2024-22473 | Uninitialized TRNG used for ECDSA after EM2/EM3 sleep for VSE devices | GSDK | CWE-1279 | 6.8 | Medium | 2024-02-21 |
| CVE-2024-0240 | Silicon Labs EFR32 Bluetooth stack denial of service when sending notifications to multiple clients | GSDK | CWE-401 | 6.5 | Medium | 2024-02-15 |
| CVE-2023-6874 | Zigbee Unauthenticated DoS via NWK Sequence number manipulation | GSDK | CWE-312 | 7.5 | High | 2024-02-05 |
| CVE-2023-6387 | Incorrect buffer parsing in Bluetooth LE sample code may lead to buffer overflow | GSDK | CWE-787 | 7.5 | High | 2024-02-02 |
| CVE-2023-5138 | Glitch detection not active by default in Silicon Labs Secure Vault High devices | GSDK | CWE-1319 | 6.8 | Medium | 2024-01-03 |
| CVE-2023-4280 | Unvalidated input in Silicon Labs TrustZone implementation leads to accessing Trusted memory region | GSDK | CWE-125 | 9.3 | Critical | 2024-01-02 |
| CVE-2023-41097 | Potential Timing vulnerability in CBC PKCS7 padding calculations | GSDK | CWE-208 | 4.6 | Medium | 2023-12-21 |
| CVE-2023-4020 | Unvalidated input in Silicon Labs PSA Attestation service leads to secure memory access from non-secure memory | GSDK | CWE-125 | 9.0 | Critical | 2023-12-15 |

This page lists every published CVE security advisory associated with silabs.com. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.