CVE-2025-3873

Summary

The following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 failed to check the size of the output buffer of the caller which could lead to data corruption on the host (Cortex-M4) application.

sl_si91x_aes sl_si91x_gcm sl_si91x_ccm sl_si91x_sha

Affected Software

VendorProductVersion RangeStatus
silabs.comWiseConnect3.0.0 < 3.4.0affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References