A-00000513 Silicon Labs Security Advisory
●CVSS Severity: High
●Impacted Products
■Silicon Labs Wi-Fi devices using Matter SDK 2.2.2-1.2 and earlier (GSDK 4.4.x and earlier)
■Thread based devices are unaffected
●CVE ID(s)
■The Connectivity Standards Alliance has not reserved a CVE for this vulnerability
●Technical Summary
■Silicon Labs Matter Extension included vulnerable code from the official Matter SDK that may allow an attacker to send specially crafted mDNS packets causing affected Wi-Fi devices to enter an infinite loop
▲Thread devices do not use mDNS for service discovery and are unaffected by this vulnerability
■Wi-Fi devices remain unresponsive until reset, leading to a Denial of Service
●Fix/Workaround
■Affected users should update to Silicon Labs Matter Extension v2.3.0-1.3 included in SiSDK 2024.06.0
■Instructions for downloading/updating the SDK [1] and for upgrading to a new Matter Extension [2] can be found in our developer documentation
|
|
|
|
|
|
|
Development Environment(Software/Firmware) |
|
|
|
|
Please see the document for details |
|
|
|
|
|
|
|
|
|
|
|
English Chinese Chinese and English Japanese |
|
|
2024-JUN-27 |
|
|
Rev 1.0 |
|
|
A-00000513 |
|
|
219 KB |
- +1 Like
- Add to Favorites
Recommend
All reproduced articles on this site are for the purpose of conveying more information and clearly indicate the source. If media or individuals who do not want to be reproduced can contact us, which will be deleted.
Integrated Circuits
Discrete Components
Connectors & Structural Components
Assembly UnitModules & Accessories
Power Supplies & Power Modules
Electronic Materials
Instrumentation & Test Kit
Electrical Tools & Materials
Mechatronics
Processing & Customization
