CVE-2025-1221

Summary

A Zigbee Radio Co-Processor (RCP), which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system (CPCd) due to heavy Zigbee traffic, resulting in a Denial of Service (DoS) attack, Only hard reset will bring the device to normal operation

Affected Software

VendorProductVersion RangeStatus
silabs.comZigbee0 <= 4.3.3affected
silabs.comZigbee4.4.3affected
silabs.comZigbee0 <= 2024.6.1affected

Weaknesses

  • CWE-667: CWE-667 Improper Locking

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References