Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

silabs.com — Vulnerabilities & Security Advisories 86

Browse all 86 CVE security advisories affecting silabs.com. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Silicon Labs operates as a semiconductor provider specializing in wireless connectivity solutions, including Bluetooth, Zigbee, and Wi-Fi modules for IoT and industrial applications. Its software stack, particularly the Simplicity Studio IDE and associated device drivers, has historically been susceptible to critical vulnerabilities, with 86 CVEs currently recorded. Common flaw categories include remote code execution (RCE), buffer overflows, and improper access controls, often stemming from complex embedded codebases and third-party library integrations. Notable incidents involve exploitable flaws in wireless protocol implementations that could allow attackers to disrupt device functionality or gain unauthorized system access. The high volume of vulnerabilities reflects the intricate nature of firmware development and the extensive attack surface presented by interconnected smart devices. Security updates are frequently released to mitigate these risks, emphasizing the need for rigorous patch management in environments utilizing Silicon Labs hardware and software components.

Found 12 results / 86Clear Filters
Top products by silabs.com: GSDK Gecko Platform Ember ZNet SDK Simplicity SDK Gecko SDK RS9116 Bluetooth SDK SiSDK Z/IP Gateway SDK Ember ZNet PC Controller Gecko Bootloader OpenThread Series 2 SoCs and associated modules Simplicity Studio v5 WiseConnect Zigbee Zigbee Stack Silicon Labs IDE (8-bit) Wi-SUN Stack Silicon Labs Z-Wave SDK RS9116W Simplicity Studio V6 Z-Wave Protocol Controller Silicon Labs Zigbee Stack Simplicity Device Manager Silicon Labs Matter Simplicity SDK, Gecko SDK USBXpress Dev Kit Wi-SUN SDK Wi-SUN Linux Border Router
CVE IDTitleCVSSSeverityPublished
CVE-2024-22473 Uninitialized TRNG used for ECDSA after EM2/EM3 sleep for VSE devices — GSDKCWE-1279 6.8 Medium2024-02-21
CVE-2024-0240 Silicon Labs EFR32 Bluetooth stack denial of service when sending notifications to multiple clients — GSDKCWE-401 6.5 Medium2024-02-15
CVE-2023-6874 Zigbee Unauthenticated DoS via NWK Sequence number manipulation — GSDKCWE-312 7.5 High2024-02-05
CVE-2023-6387 Incorrect buffer parsing in Bluetooth LE sample code may lead to buffer overflow — GSDKCWE-787 7.5 High2024-02-02
CVE-2023-5138 Glitch detection not active by default in Silicon Labs Secure Vault High devices — GSDKCWE-1319 6.8 Medium2024-01-03
CVE-2023-4280 Unvalidated input in Silicon Labs TrustZone implementation leads to accessing Trusted memory region — GSDKCWE-125 9.3 Critical2024-01-02
CVE-2023-41097 Potential Timing vulnerability in CBC PKCS7 padding calculations — GSDKCWE-208 4.6 Medium2023-12-21
CVE-2023-4020 Unvalidated input in Silicon Labs PSA Attestation service leads to secure memory access from non-secure memory — GSDKCWE-125 9.0 Critical2023-12-15
CVE-2023-3487 Integer overflow in Silicon Labs Gecko Bootloader leads to unbounded memory access — GSDKCWE-125 7.7 High2023-10-20
CVE-2023-3024 Bluetooth LE segmented 'prepare write response' packet may lead to out-of-bounds memory access — GSDKCWE-787 5.9 Medium2023-09-29
CVE-2023-2747 Uninitialized IV in Silicon Labs SE FW v2.0.0 through v 2.2.1 for internally stored data — GSDKCWE-1204 3.1 Low2023-06-15
CVE-2023-0775 Bluetooth LE Invalid prepare write request command leads to denial of service — GSDKCWE-20 6.5 Medium2023-03-28

This page lists every published CVE security advisory associated with silabs.com. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.