MEDIUM🇵🇱 Wersja polska

CVE-2023-51392

CVSS 6.2v3.1pub. 2024-02-23upd. 2025-02-12

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Silabs Emberznet

    APP
    Silabs
    7.2.0 – 7.2.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-41094CRITICAL10.0ten sam produkt

TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and ...

CVE-2026-47146HIGH7.1ten sam produkt

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the proce...

CVE-2026-4526HIGH7.1ten sam produkt

In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework pa...

CVE-2026-47145HIGH7.1ten sam produkt

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the proce...

CVE-2026-47147HIGH7.1ten sam produkt

In EmberZNet v9.0.2 and earlier, malformed OTA requests can drive the OTA server parser into out-of-bounds rea...