MEDIUM🇬🇧 English

CVE-2023-51392

CVSS 6.2v3.1pub. 2024-02-23upd. 2025-02-12

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Silabs Emberznet

    APP
    Silabs
    7.2.0 – 7.2.4
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-41094CRITICAL10.0ten sam produkt

TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and ...

CVE-2026-47146HIGH7.1ten sam produkt

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the proce...

CVE-2026-4526HIGH7.1ten sam produkt

In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework pa...

CVE-2026-47145HIGH7.1ten sam produkt

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the proce...

CVE-2026-47147HIGH7.1ten sam produkt

In EmberZNet v9.0.2 and earlier, malformed OTA requests can drive the OTA server parser into out-of-bounds rea...