Buffer overflow in Si91x crypto APIs_CVE-2025-3873

6 / 10

MEDIUM

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

Description

The following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 failed to check the size of the output buffer of the caller which could lead to data corruption on the host (Cortex-M4) application.

sl_si91x_aes
sl_si91x_gcm
sl_si91x_ccm
sl_si91x_sha

Basic Information

ID CVE-2025-3873

Source Silabs

Published Jul 25, 2025 at 15:46

Modified Jul 25, 2025 at 18:32

Affected Product

Vendor silabs.com

Product WiseConnect

Version 3.0.0

Affected Versions silabs.com WiseConnect 3.0.0

CWE Classification

CWE-787

References

{
    "lastseen": "",
    "description": "The following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 failed to check the size of the output buffer of the caller which could lead to data corruption on the host (Cortex-M4) application.\n\n\nsl_si91x_aes\nsl_si91x_gcm\nsl_si91x_ccm \nsl_si91x_sha",
    "published": "2025-07-25T15:46:02.258Z",
    "modified": "2025-07-25T18:32:06.955Z",
    "type": "cve",
    "title": "Buffer overflow in Si91x crypto APIs",
    "source": "Silabs",
    "references": "https://docs.silabs.com/wiseconnect/latest/sisdk-wifi-release-notes/\nhttps://community.silabs.com/068Vm00000SSlOu",
    "id": "CVE-2025-3873",
    "bulletinFamily": "",
    "cwe": [
        "CWE-787"
    ],
    "cvelist": null,
    "sourceData": "silabs.com WiseConnect 3.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 6,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "WiseConnect",
    "version": "3.0.0",
    "vendor": "silabs.com",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}