Predictable Value Generation in RS9116 by Silicon Labs
CVE-2026-3290

7.4HIGH

Key Information:

Vendor: Silicon Labs
Status: Rs9116 Sdk
Vendor: CVE Published:; 14 May 2026

🔔 Create Silicon Labs Vulnerability Alert

What is CVE-2026-3290?

The RS9116 from Silicon Labs exhibits a vulnerability where the timing limitations of the hardware random number generator (HRNG) in power save mode lead to the generation of predictable values. This flaw could compromise the security of applications relying on random number generation for cryptographic operations, thereby exposing them to risks associated with unauthorized access and data leaks.

Affected Version(s)

RS9116 SDK 0 <= 2.13.1

References

https://siliconlabs.lightning.force.com/sfc/servlet.sheph...

vendor-advisorypermissions-required

https://github.com/SiliconLabs/wiseconnect-wifi-bt-sdk/

patch

CVSS V4

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
Feb 26, 2026

CVE-2026-3290 Data

JSON