CVE-2025-1394

Failure to handle the error status returned by the buffer management APIs in SiLabs EmberZNet Zigbee stack may result in data leaks or potential Denial of Service (DoS).

CVSS

No CVSS.

References

Link	Resource
https://community.silabs.com/068Vm00000SkHNX
https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-7.5.0.0.pdf
https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.0.3.0.pdf
https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.1.0.0.pdf

Configurations

No configuration.

History

No history.

Information

Published : 2025-07-30 08:15

Updated : 2025-07-31 18:42

NVD link : CVE-2025-1394

Mitre link : CVE-2025-1394

CVE.ORG link : CVE-2025-1394

JSON object : View

Products Affected

No product.

CWE

CWE-252

Unchecked Return Value

{"id": "CVE-2025-1394", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.9, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-30T08:15:33.743", "references": [{"url": "https://community.silabs.com/068Vm00000SkHNX", "source": "[email protected]"}, {"url": "https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-7.5.0.0.pdf", "source": "[email protected]"}, {"url": "https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.0.3.0.pdf", "source": "[email protected]"}, {"url": "https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.1.0.0.pdf", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-252"}]}], "descriptions": [{"lang": "en", "value": "Failure to handle the error status returned by the buffer management APIs in SiLabs EmberZNet Zigbee stack may result in data leaks or potential Denial of Service (DoS)."}, {"lang": "es", "value": "No manejar el estado de error devuelto por las API de administraci\u00f3n de b\u00fafer en la pila SiLabs EmberZNet Zigbee puede provocar fugas de datos o una posible denegaci\u00f3n de servicio (DoS)."}], "lastModified": "2025-07-31T18:42:37.870", "sourceIdentifier": "[email protected]"}

CVE-2025-1394

JSON object

Attach tags to CVE-2025-1394

Attach tags to `CVE-2025-1394`