← back
CVE-2025-14547

ECJ-PAKE Integer Underflow Vulnerability in Silicon Labs PSA Crypto and SE Manager APIs

CVSS 2.3 LOWEPSS 0.3%CWE-191
An integer underflow vulnerability is present in Silicon Lab’s implementation of PSA Crypto and SE Manager EC-JPAKE APIs during ZKP parsing. Triggering the underflow can lead to a hard fault, causing a temporary denial of service.
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Affected products
silabs.com · Gecko SDKsilabs.com · Simplicity SDK

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://community.silabs.com/068Vm00000e1UTF