CVE-2023-51392
6.2
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| silabs.com | Ember ZNet SDK | 7.2.0 < 7.4.0 | affected |
Weaknesses
- CWE-1240: CWE-1240 Use of a Cryptographic Primitive with a Risky Implementation
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.