Reflected XSS vulnerability in Simplicity Device Manager tool_CVE-2025-11004

7.5 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

The Simplicity Device Manager Tool has a Reflected XSS (Cross-site-scripting) vulnerability in several API endpoints. The attacker needs to be on the same network to execute this attack. These APIs can affect confidentiality, integrity, and availability of the system that has Simplicity Device Manager tool running in the background.

Basic Information

ID CVE-2025-11004

Source Silabs

Published Feb 10, 2026 at 15:31

Affected Product

Vendor silabs.com

Product Simplicity Device Manager

Affected Versions silabs.com Simplicity Device Manager 0

CWE Classification

CWE-79

References

community.silabs.com /068Vm00000fjgJj

{
    "lastseen": "",
    "description": "The Simplicity Device Manager Tool has a Reflected XSS (Cross-site-scripting) vulnerability in several API endpoints. The attacker needs to be on the same network to execute this attack.\u00a0These APIs can affect confidentiality, integrity, and availability of the system that has Simplicity Device Manager tool running in the background.",
    "published": "2026-02-10T15:31:30.396Z",
    "modified": "2026-02-10T15:31:30.396Z",
    "type": "cve",
    "title": "Reflected XSS vulnerability in Simplicity Device Manager tool",
    "source": "Silabs",
    "references": "https://community.silabs.com/068Vm00000fjgJj",
    "id": "CVE-2025-11004",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "silabs.com Simplicity Device Manager 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Simplicity Device Manager",
    "version": "0",
    "vendor": "silabs.com",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}