CVE 7.6 HIGH

Silicon Labs Z-Wave PIR Sensor Joins Network as Non-Secure_CVE-2025-10693

October 31, 2025 invoker category_cve
7.6 / 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Description

When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will join the network as a non-secure device. This vulnerability exists in Silicon Labs' Z-Wave PIR Sensor Reference design delivered as part of SiSDK v2025.6.0 and v2025.6.1.

Basic Information

ID CVE-2025-10693
Source Silabs
Published Oct 31, 2025 at 19:20
Modified Oct 31, 2025 at 19:54

Affected Product

Vendor silabs.com
Product Silicon Labs Z-Wave SDK
Version 2025.6.0
Affected Versions silabs.com Silicon Labs Z-Wave SDK 2025.6.0

CWE Classification

CWE-757

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.