CVE-2023-51392

State: PUBLISHED · Published: 2024-02-23 · Updated: 2025-04-22 · Assigner: Silabs

Description

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks.

CWE

CWE-1240 — CWE-1240 Use of a Cryptographic Primitive with a Risky Implementation

Affected

silabs.com / Ember ZNet SDK — v=7.2.0 <7.4.0 [affected]

CVSS

3.1 score=6.2 severity=MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References

https://community.silabs.com/068Vm000001BKm6

Source

cvelistV5-main/cves/2023/51xxx/CVE-2023-51392.json