CVE-2025-3873

CVSS

No CVSS.

he following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 failed to check the size of the output buffer of the caller which could lead to data corruption on the host (Cortex-M4) application. sl_si91x_aes sl_si91x_gcm sl_si91x_ccm sl_si91x_sha

References

Link	Resource
https://community.silabs.com/068Vm00000SSlOu
https://docs.silabs.com/wiseconnect/latest/sisdk-wifi-release-notes/

Configurations

No configuration.

History

29 Jul 2025, 14:14

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-25 16:15

Updated : 2025-07-29 14:14

NVD link : CVE-2025-3873

Mitre link : CVE-2025-3873

CVE.ORG link : CVE-2025-3873

JSON object : View

Products Affected

No product.

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2025-3873", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.0, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-25T16:15:33.560", "references": [{"url": "https://community.silabs.com/068Vm00000SSlOu", "source": "[email protected]"}, {"url": "https://docs.silabs.com/wiseconnect/latest/sisdk-wifi-release-notes/", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "The following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 failed to check the size of the output buffer of the caller which could lead to data corruption on the host (Cortex-M4) application.\n\n\nsl_si91x_aes\nsl_si91x_gcm\nsl_si91x_ccm \nsl_si91x_sha"}, {"lang": "es", "value": "Las siguientes API para Silcon Labs SiWx91x anteriores a la versi\u00f3n 3.4.0 no pudieron verificar el tama\u00f1o del b\u00fafer de salida del llamador, lo que podr\u00eda provocar corrupci\u00f3n de datos en la aplicaci\u00f3n host (Cortex-M4). sl_si91x_aes sl_si91x_gcm sl_si91x_ccm sl_si91x_sha"}], "lastModified": "2025-07-29T14:14:55.157", "sourceIdentifier": "[email protected]"}

CVE-2025-3873

JSON object

Attach tags to CVE-2025-3873

Attach tags to `CVE-2025-3873`