DPA Vulnerabilities in Series 2 Modules and SoCs by Silicon Labs
CVE-2025-3301

1LOW

Key Information:

Vendor
Silabs.com
Status
Series 2 Socs And Associated Modules
Vendor
CVE Published:
29 April 2025

Summary

Silicon Labs' Series 2 modules and SoCs exhibit vulnerabilities related to Differential Power Analysis (DPA) due to insufficient support for countermeasures in ECDH key agreement and EdDSA signing operations, specifically on Curve25519 and Curve448. Without robust countermeasures, these components may be susceptible to DPA attacks, which could potentially allow attackers to expose sensitive information. It is advisable to implement the vulnerable crypto curves and operations with ephemeral keys to minimize the collection of DPA traces, thereby enhancing security.

Affected Version(s)

Series 2 SoCs and associated modules 0

References

https://community.silabs.com/068Vm00000O8qbY
vendor-advisorypermissions-required

CVSS V4

Score:
1
Severity:
LOW
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Physical
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-3301 : DPA Vulnerabilities in Series 2 Modules and SoCs by Silicon Labs | SecurityVulnerability.io