Denial of Service (DoS) and memory leak vulnerabilities in Zigbee...

5.9 / 10

MEDIUM

CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

Description

Failure to handle the error status returned by the buffer management APIs in SiLabs EmberZNet Zigbee stack may result in data leaks or potential Denial of Service (DoS).

Basic Information

ID CVE-2025-1394

Source Silabs

Published Jul 30, 2025 at 08:11

Modified Aug 8, 2025 at 04:07

Affected Product

Vendor silabs.com

Product Zigbee Stack

Affected Versions silabs.com Zigbee Stack 0
silabs.com Zigbee Stack 0

CWE Classification

CWE-252

References

{
    "lastseen": "",
    "description": "Failure to handle the error status returned by the buffer management APIs in SiLabs EmberZNet Zigbee stack may result in data leaks or potential Denial of Service (DoS).",
    "published": "2025-07-30T08:11:28.403Z",
    "modified": "2025-08-08T04:07:18.857Z",
    "type": "cve",
    "title": "Denial of Service (DoS) and memory leak vulnerabilities in Zigbee library",
    "source": "Silabs",
    "references": "https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-7.5.0.0.pdf\nhttps://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.0.3.0.pdf\nhttps://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.1.0.0.pdf\nhttps://community.silabs.com/068Vm00000SkHNX",
    "id": "CVE-2025-1394",
    "bulletinFamily": "",
    "cwe": [
        "CWE-252"
    ],
    "cvelist": null,
    "sourceData": "silabs.com Zigbee Stack 0\nsilabs.com Zigbee Stack 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Zigbee Stack",
    "version": "0",
    "vendor": "silabs.com",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Denial of Service (DoS) and memory leak vulnerabilities in Zigbee library_CVE-2025-1394