← back
CVE-2025-10285

Simplcity Device Manager exposes NTLMv2 hash

CVSS 7.4 HIGHEPSS 0.2%CWE-200
The web interface of the Silicon Labs Simplicity Device Manager is exposed publicly and can be used to extract the NTLMv2 hash which an attacker could use to crack the user's domain password.
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Affected products
silabs.com · Simplicity Studio V6

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://community.silabs.com/a45Vm0000003UcfIAE