CVE-2023-51393

Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered as part of Silicon Labs Gecko SDK v4.4.0) which may enable attackers to trigger a bus fault and crash of the device, requiring a reboot in order to rejoin the network.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://community.silabs.com/068Vm000001NaAM	Permissions Required
https://community.silabs.com/068Vm000001NaAM	Permissions Required

Configurations

Configuration 1 (hide)

cpe:2.3:a:silabs:emberznet:*:*:*:*:*:*:*:*

History

12 Feb 2025, 18:49

Type	Values Removed	Values Added
References	~~() https://community.silabs.com/068Vm000001NaAM -~~	() https://community.silabs.com/068Vm000001NaAM - Permissions Required
CPE		cpe:2.3:a:silabs:emberznet::::::::
First Time		Silabs emberznet Silabs

Information

Published : 2024-02-23 20:15

Updated : 2025-02-12 18:49

NVD link : CVE-2023-51393

Mitre link : CVE-2023-51393

CVE.ORG link : CVE-2023-51393

JSON object : View

Products Affected

silabs

emberznet

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

{"id": "CVE-2023-51393", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "product-security@silabs.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-02-23T20:15:51.687", "references": [{"url": "https://community.silabs.com/068Vm000001NaAM", "tags": ["Permissions Required"], "source": "product-security@silabs.com"}, {"url": "https://community.silabs.com/068Vm000001NaAM", "tags": ["Permissions Required"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "product-security@silabs.com", "description": [{"lang": "en", "value": "CWE-770"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered as part of Silicon Labs Gecko SDK v4.4.0) which may enable attackers to trigger a bus fault and crash of the device, requiring a reboot in order to rejoin the network."}, {"lang": "es", "value": "Debido a una asignaci\u00f3n de recursos sin l\u00edmites, existe una vulnerabilidad de consumo de recursos incontrolado en Silicon Labs Ember ZNet SDK anterior a v7.4.0.0 (entregado como parte de Silicon Labs Gecko SDK v4.4.0) lo que puede permitir a los atacantes provocar una falla en el bus y una falla del dispositivo, lo que requiere un reinicio para volver a unirse a la red."}], "lastModified": "2025-02-12T18:49:22.437", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:silabs:emberznet:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4302C76B-4600-4188-9A73-77BEAE036F47", "versionEndExcluding": "7.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@silabs.com"}