Information Disclosure Vulnerability in Semtech LR11xx LoRa Transceivers
CVE-2025-14858

5.1 MEDIUM

Key Information:

Vendor

Semtech

CVE Published:
7 April 2026

What is CVE-2025-14858?

The Semtech LR11xx LoRa transceivers have a vulnerability in the way their firmware validation functionality is implemented. When the device receives a firmware validity check command over the SPI interface, it decrypts the firmware package block by block to verify its integrity. The final decrypted block is not cleared from memory once validation concludes. An attacker with physical access to the SPI interface can retrieve this residual, unprotected firmware data through memory read commands, circumventing the intended encryption protections.
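
The flaw pattern described above next to its hardened form, as an added example that is not Semtech firmware or code from this page: a validation routine decrypts block by block into a scratch buffer, and the fixed path wipes that buffer before returning. The XOR cipher, checksum, buffer and function names, and the sample image are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK 16

/* Stand-in for device RAM that later memory-read commands can return. */
static uint8_t scratch[BLOCK];

/* Constructed sample plaintext: two 16-byte blocks (plus the literal's NUL). */
static const uint8_t PLAIN[] = "constructed-demo-firmware-image!";

/* Toy cipher (XOR with one key byte), an assumption standing in for the real one. */
static void toy_crypt(const uint8_t *in, uint8_t *out, uint8_t key) {
    for (size_t i = 0; i < BLOCK; i++) out[i] = in[i] ^ key;
}

/* Wipe through a volatile pointer so the stores are not optimised away. */
static void secure_wipe(void *p, size_t n) {
    volatile uint8_t *v = p;
    while (n--) *v++ = 0;
}

/* Decrypt block by block into scratch and fold each block into a checksum.
   wipe = 0 reproduces the flaw; wipe = 1 is the hardened form. */
uint32_t validate_image(const uint8_t *img, size_t blocks, uint8_t key, int wipe) {
    uint32_t sum = 0;
    for (size_t b = 0; b < blocks; b++) {
        toy_crypt(img + b * BLOCK, scratch, key);
        for (size_t i = 0; i < BLOCK; i++) sum = sum * 31u + scratch[i];
    }
    if (wipe) secure_wipe(scratch, sizeof scratch);
    return sum;
}

/* Regression check: 1 if the last plaintext block is still in scratch. */
int leak_after_validation(int wipe) {
    uint8_t img[2 * BLOCK];
    for (size_t b = 0; b < 2; b++) toy_crypt(PLAIN + b * BLOCK, img + b * BLOCK, 0x5A);
    validate_image(img, 2, 0x5A, wipe);
    return memcmp(scratch, PLAIN + BLOCK, BLOCK) == 0;
}

int main(void) {
    printf("no wipe: last block left in scratch = %d\n", leak_after_validation(0));
    printf("wiped:   last block left in scratch = %d\n", leak_after_validation(1));
    return 0;
}
```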

Affected Version(s)

LR1110 0

LR1120 0

LR1121 0

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Physical
Attack Complexity:
Low
Attack Requirements:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Egor (radioegor146) Koleda, https://github.com/radioegor146