CVE-2023-6533

Summary

Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the controller to assume the end device has left the network. After this, frames sent by the end device will not be acknowledged by the controller. This vulnerability exists in PC Controller v5.54.0, and earlier.

Affected Software

VendorProductVersion RangeStatus
silabs.comPC Controller0 <= 5.54.0affected

Weaknesses

  • CWE-248: CWE-248 Uncaught Exception
  • CWE-419: CWE-419 Unprotected Primary Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References