Description
The following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 failed to check the size of the output buffer of the caller which could lead to data corruption on the host (Cortex-M4) application. sl_si91x_aes sl_si91x_gcm sl_si91x_ccm sl_si91x_sha
References (2)
Core 2
Core References
Various Sources release-notes
https://docs.silabs.com/wiseconnect/latest/sisdk-wifi-release-notes/
Various Sources vendor-advisory
permissions-required
https://community.silabs.com/068Vm00000SSlOu
Scores
CVSS v4
6.0
EPSS
0.0029
EPSS Percentile
20.4%
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-787
Status
published
Products (1)
silabs.com/WiseConnect
3.0.0 - 3.4.0
Published
Jul 25, 2025
Tracked Since
Feb 18, 2026