Improper Access Control Vulnerability in Semtech LoRa Transceivers
CVE-2025-14857

5.4 MEDIUM

Key Information:

Vendor: Semtech
CVE Published: 7 April 2026

What is CVE-2025-14857?

An improper access control vulnerability has been identified in early firmware versions of Semtech LoRa LR11xxx transceivers. This vulnerability allows an attacker with physical access to the SPI interface to bypass write protection on the program call stack, potentially enabling the overwriting of stack memory. Such an action can hijack the control flow of the device and achieve limited arbitrary code execution; however, the effects are isolated to the current session. The device's secure boot mechanism ensures that no persistent modifications can be made to the firmware, as cryptographic keys are guarded from direct access, and any alterations will be reversed upon reboot or loss of physical access.

Affected Version(s)

LR1110 0

LR1120 0

LR1121 0

CVSS V4

Score: 5.4
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Physical
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Egor (radioegor146) Koleda, https://github.com/radioegor146