Command Execution vulnerability in Simplicity Installer_CVE-2025-11571

2.1 / 10

LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Description

Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can open executables. However, the commands cannot pass parameters or arguments.
To successfully execute this attack, the attacker needs to be on the same network.

Basic Information

ID CVE-2025-11571

Source Silabs

Published Mar 24, 2026 at 16:26

Modified Mar 24, 2026 at 17:43

Affected Product

Vendor silabs.com

Product Simplicity Studio v5

Affected Versions silabs.com Simplicity Studio v5 0
silabs.com Simplicity Installer tool (Silicon Labs Tool - SLT) for Simplicity Studio v6 0

CWE Classification

CWE-78

References

community.silabs.com /068Vm00000htltZ

{
    "lastseen": "",
    "description": "Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can open executables. However, the commands cannot pass parameters or arguments.\u00a0\nTo successfully execute this attack, the attacker needs to be on the same network.",
    "published": "2026-03-24T16:26:32.789Z",
    "modified": "2026-03-24T17:43:07.517Z",
    "type": "cve",
    "title": "Command Execution vulnerability in Simplicity Installer",
    "source": "Silabs",
    "references": "https://community.silabs.com/068Vm00000htltZ",
    "id": "CVE-2025-11571",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "silabs.com Simplicity Studio v5 0\nsilabs.com Simplicity Installer tool (Silicon Labs Tool - SLT) for Simplicity Studio v6 0",
    "sourceHref": "",
    "cvss": {
        "score": 2.1,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Simplicity Studio v5",
    "version": "0",
    "vendor": "silabs.com",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}