CVE-2025-3873
6
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
Summary
The following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 failed to check the size of the output buffer of the caller which could lead to data corruption on the host (Cortex-M4) application.
sl_si91x_aes sl_si91x_gcm sl_si91x_ccm sl_si91x_sha
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| silabs.com | WiseConnect | 3.0.0 < 3.4.0 | affected |
Weaknesses
- CWE-787: CWE-787 Out-of-bounds Write
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://docs.silabs.com/wiseconnect/latest/sisdk-wifi-release-notes/
- https://community.silabs.com/068Vm00000SSlOu
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.