NULL Pointer Dereference Vulnerability in Ember ZNet SDK Could Cause System Crash
CVE-2023-51394

7.5HIGH

Key Information:

Vendor: Silabs.com
Status: Ember Znet Sdk
Vendor: CVE Published:; 23 February 2024

Summary

The vulnerability affects the Silicon Labs Ember ZNet SDK versions prior to v7.4.0, allowing for a NULL Pointer Dereference in high traffic environments. This issue can lead to significant disruptions, potentially causing system crashes that could impact overall performance and reliability of applications utilizing this SDK. Immediate action is recommended for users relying on affected versions to mitigate operational risks.

Affected Version(s)

Ember ZNet SDK 32 bit 0 < 7.4.0

References

https://community.silabs.com/068Vm000001NL4u

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 23, 2024
Vulnerability Reserved
Dec 18, 2023