CVE-2025-1221

CVSS

No CVSS.

A

Zigbee Radio Co-Processor (RCP), which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system (CPCd) due to heavy Zigbee traffic, resulting in a Denial of Service (DoS) attack, Only hard reset will bring the device to normal operation

References

Link	Resource
https://community.silabs.com/068Vm00000Sadyn
https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-7.4.4.0.pdf
https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.0.2.0.pdf
https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.1.0.0.pdf

Configurations

No configuration.

History

31 Jul 2025, 18:42

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-30 08:15

Updated : 2025-07-31 18:42

NVD link : CVE-2025-1221

Mitre link : CVE-2025-1221

CVE.ORG link : CVE-2025-1221

JSON object : View

Products Affected

No product.

CWE

CWE-667

Improper Locking

{"id": "CVE-2025-1221", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.9, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-30T08:15:33.133", "references": [{"url": "https://community.silabs.com/068Vm00000Sadyn", "source": "[email protected]"}, {"url": "https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-7.4.4.0.pdf", "source": "[email protected]"}, {"url": "https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.0.2.0.pdf", "source": "[email protected]"}, {"url": "https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.1.0.0.pdf", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-667"}]}], "descriptions": [{"lang": "en", "value": "A Zigbee Radio Co-Processor (RCP), which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system (CPCd) due to heavy Zigbee traffic, resulting in a Denial of Service (DoS) attack, Only hard reset will bring the device to normal operation"}, {"lang": "es", "value": "Un Zigbee Radio Co-Processor (RCP), que utilice SiLabs EmberZNet Zigbee stack, no pudo enviar mensajes al sistema host (CPCd) debido al intenso tr\u00e1fico Zigbee, lo que result\u00f3 en un ataque de denegaci\u00f3n de servicio (DoS). Solo un reinicio completo har\u00e1 que el dispositivo vuelva a funcionar normalmente."}], "lastModified": "2025-07-31T18:42:37.870", "sourceIdentifier": "[email protected]"}