CVE-2025-14547
LOWSimplicity SDK < 2025.6.2 and Gecko SDK < 2.5.x - Denial of Service via EC-JPAKE ZKP Parsing Integer Underflow
Title source: llmDescription
An integer underflow vulnerability is present in Silicon Lab’s implementation of PSA Crypto and SE Manager EC-JPAKE APIs during ZKP parsing. Triggering the underflow can lead to a hard fault, causing a temporary denial of service.
References (1)
Core 1
Core References
Various Sources vendor-advisory
permissions-required
https://community.silabs.com/068Vm00000e1UTF
Scores
CVSS v4
2.3
EPSS
0.0028
EPSS Percentile
19.3%
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-191
Status
published
Products (2)
silabs.com/Gecko SDK
< 2.5.x
silabs.com/Simplicity SDK
< 2025.6.2
Published
Feb 20, 2026
Tracked Since
Feb 20, 2026