CVE-2025-7432

Summary

DPA countermeasures in Silicon Labs' Series 2 devices are not reseeded under certain conditions. 

This may allow an attacker to eventually extract secret keys through a DPA attack.

Affected Software

VendorProductVersion RangeStatus
silabs.comSimplicity SDK0 < 2025.12.0affected

Weaknesses

  • CWE-331: CWE-331 Insufficient Entropy

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References