DPA Vulnerabilities in Series 2 Modules and SoCs by Silicon Labs
CVE-2025-3301

1LOW

Key Information:

Vendor: Silabs.com
Status: Series 2 Socs And Associated Modules
Vendor: CVE Published:; 29 April 2025

What is CVE-2025-3301?

Silicon Labs' Series 2 modules and SoCs exhibit vulnerabilities related to Differential Power Analysis (DPA) due to insufficient support for countermeasures in ECDH key agreement and EdDSA signing operations, specifically on Curve25519 and Curve448. Without robust countermeasures, these components may be susceptible to DPA attacks, which could potentially allow attackers to expose sensitive information. It is advisable to implement the vulnerable crypto curves and operations with ephemeral keys to minimize the collection of DPA traces, thereby enhancing security.

Affected Version(s)

Series 2 SoCs and associated modules 0

References

https://community.silabs.com/068Vm00000O8qbY

vendor-advisorypermissions-required

CVSS V4

Score:

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 29, 2025
Vulnerability Reserved
Apr 4, 2025

Silabs.com

What is CVE-2025-3301?

Affected Version(s)

References

CVSS V4

Timeline