CVE-2025-1394
5.9
CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Summary
The Ember ZNet stack’s packet buffer manager may read out of bound memory leading to an assert, causing a Denial of Service (DoS).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| silabs.com | Zigbee Stack | 0 <= 4.4.4 | affected |
| silabs.com | Zigbee Stack | 0 <= 2024.6.2 | affected |
Weaknesses
- CWE-252: CWE-252 Unchecked Return Value
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-7.5.0.0.pdf
- https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.0.3.0.pdf
- https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.1.0.0.pdf
- https://community.silabs.com/068Vm00000SkHNX
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.