3 results (0.014 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee nodes to change their network identifier (pan ID), leading to a denial of service. This packet type is not useful in production and should be used only for PHY qualification. • https://community.silabs.com/069Vm000005UCH0IAO https://github.com/SiliconLabs/gecko_sdk • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash. Los entornos de mucho tráfico pueden provocar una vulnerabilidad de desreferencia de puntero NULL en el SDK Ember ZNet de Silicon Labs anterior a la versión 7.4.0, lo que provoca un fallo del sistema. • https://community.silabs.com/068Vm000001NL4u • CWE-476: NULL Pointer Dereference •

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks. Ember ZNet entre v7.2.0 y v7.4.0 utilizó software AES-CCM en lugar de aceleradores criptográficos de hardware integrados, lo que potencialmente aumenta el riesgo de ataques de canal lateral de análisis de potencia diferencial y electromagnético. • https://community.silabs.com/068Vm000001BKm6 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation •