silabs.com — Vulnerabilities & Security Advisories (86)

Browse all 86 CVE security advisories affecting silabs.com. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Silicon Labs operates as a semiconductor provider specializing in wireless connectivity solutions, including Bluetooth, Zigbee, and Wi-Fi modules for IoT and industrial applications. Its software stack, particularly the Simplicity Studio IDE and associated device drivers, has historically been susceptible to critical vulnerabilities, with 86 CVEs currently recorded. Common flaw categories include remote code execution (RCE), buffer overflows, and improper access controls, often stemming from complex embedded codebases and third-party library integrations. Notable incidents involve exploitable flaws in wireless protocol implementations that could allow attackers to disrupt device functionality or gain unauthorized system access. The high volume of vulnerabilities reflects the intricate nature of firmware development and the extensive attack surface presented by interconnected smart devices. Security updates are frequently released to mitigate these risks, emphasizing the need for rigorous patch management in environments utilizing Silicon Labs hardware and software components.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2023-5310 | Z-Wave Denial of Service caused by Stream of Packets | Gecko SDK | CWE-248 | 5.7 | Medium | 2023-12-15 |
| CVE-2023-4489 | Z/IP Gateway Use of Uninitialized PRNG when Generating S0 Encryption Key | Z/IP Gateway SDK | CWE-1279 | 6.4 | Medium | 2023-12-14 |
| CVE-2023-41096 | Keys Stored in Plaintext on Secure Vault High for Silabs Ember ZNet devices | Ember ZNet SDK | CWE-312 | 6.8 | Medium | 2023-10-26 |
| CVE-2023-41095 | Keys Stored in Plaintext on Secure Vault High for Silabs OpenThread devices | OpenThread SDK | CWE-312 | 6.8 | Medium | 2023-10-26 |
| CVE-2023-3487 | Integer overflow in Silicon Labs Gecko Bootloader leads to unbounded memory access | GSDK | CWE-125 | 7.7 | High | 2023-10-20 |
| CVE-2023-3024 | Bluetooth LE segmented 'prepare write response' packet may lead to out-of-bounds memory access | GSDK | CWE-787 | 5.9 | Medium | 2023-09-29 |
| CVE-2023-3488 | Uninitialized variable in Gecko Bootloader can leak secure stack | Gecko Bootloader | CWE-908 | 3.8 | Low | 2023-07-28 |
| CVE-2023-2747 | Uninitialized IV in Silicon Labs SE FW v2.0.0 through v2.2.1 for internally stored data | GSDK | CWE-1204 | 3.1 | Low | 2023-06-15 |
| CVE-2023-2683 | Connection update while closing connection may lead to denial-of-service | Bluetooth SDK | CWE-401 | 5.3 | Medium | 2023-06-15 |
| CVE-2023-2686 | Silicon Labs Gecko SDK security vulnerability | Gecko Platform | CWE-120 | 9.8 | Critical | 2023-06-15 |
| CVE-2023-2687 | Silicon Labs Gecko SDK security vulnerability | Gecko SDK | CWE-787 | 2.9 | Low | 2023-06-02 |
| CVE-2023-32100 | Key duplication in GSDK | Gecko Platform | CWE-14 | 5.3 | Medium | 2023-05-18 |
| CVE-2023-32099 | Key duplication in GSDK | Gecko Platform | CWE-14 | 5.3 | Medium | 2023-05-18 |
| CVE-2023-32098 | Key duplication in GSDK | Gecko Platform | CWE-14 | 5.3 | Medium | 2023-05-18 |
| CVE-2023-32097 | Key duplication in GSDK | Gecko Platform | CWE-14 | 3.1 | Low | 2023-05-18 |
| CVE-2023-32096 | Key duplication in GSDK | Gecko Platform | CWE-14 | 3.1 | Low | 2023-05-18 |
| CVE-2023-2481 | Key duplication in GSDK | Gecko Platform | CWE-14 | 5.3 | Medium | 2023-05-18 |
| CVE-2023-1132 | Key duplication in GSDK | Gecko Platform | CWE-14 | 5.3 | Medium | 2023-05-18 |
| CVE-2023-0965 | Key duplication in GSDK | Gecko Platform | CWE-14 | 3.1 | Low | 2023-05-18 |
| CVE-2023-0775 | Bluetooth LE Invalid prepare write request command leads to denial of service | GSDK | CWE-20 | 6.5 | Medium | 2023-03-28 |
| CVE-2023-1262 | Missing MAC layer security in Wi-SUN Linux Border Router | Wi-SUN Linux Border Router | CWE-862 | 8.2 | High | 2023-03-21 |
| CVE-2023-1261 | Missing MAC layer security in Wi-SUN SDK | Wi-SUN SDK | CWE-862 | 8.2 | High | 2023-03-21 |
| CVE-2022-24939 | Malformed Zigbee packet with invalid destination address causes Assert | Ember ZNet | CWE-119 | 5.7 | Medium | 2022-11-17 |
| CVE-2022-24938 | Malformed Zigbee packet causes Assert in EmberZNet 7.0.1 or earlier | Ember ZNet | CWE-119 | 6.5 | Medium | 2022-11-14 |
| CVE-2022-24942 | Heap-based buffer overflow in MicriumOS HTTP Server allows potential remote code execution | Gecko Platform | CWE-122 | 9.1 | Critical | 2022-11-02 |
| CVE-2022-24936 | Gecko Standalone Bootloader vulnerability may allow bypassing application secure boot in some Series 2 devices | Gecko Bootloader | CWE-119 | 8.3 | High | 2022-11-02 |

This page lists every published CVE security advisory associated with silabs.com. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.