CVE-2024-9055

Summary

The DPA countermeasures on Silicon Labs' Series 2 devices are not reseeded periodically as they should be. This may allow an attacker to eventually extract secret keys through a DPA attack.

Affected Software

VendorProductVersion RangeStatus
Silicon LabsSimplicity SDK0 <= *.*affected

Weaknesses

  • CWE-331: CWE-331 Insufficient Entropy

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References