CVE-2025-14547

Summary

An integer underflow vulnerability is present in Silicon Lab’s implementation of PSA Crypto and SE Manager EC-JPAKE APIs during ZKP parsing. Triggering the underflow can lead to a hard fault, causing a temporary denial of service.

Affected Software

VendorProductVersion RangeStatus
silabs.comSimplicity SDK0 <= 2025.6.2affected
silabs.comGecko SDK0 <= 2.5.xaffected

Weaknesses

  • CWE-191: CWE-191 Integer Underflow (Wrap or Wraparound)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References