Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-41096

Summary
Assigner-Silabs
Assigner Org ID-030b2754-1501-44a4-bef8-48be86a33bf4
Published At-26 Oct, 2023 | 13:10
Updated At-25 Sep, 2024 | 16:23
Rejected At-
Credits

Keys Stored in Plaintext on Secure Vault High for Silabs Ember ZNet devices

Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs Ember ZNet SDK: 7.3.1 and earlier.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Silabs
Assigner Org ID:030b2754-1501-44a4-bef8-48be86a33bf4
Published At:26 Oct, 2023 | 13:10
Updated At:25 Sep, 2024 | 16:23
Rejected At:
▼CVE Numbering Authority (CNA)
Keys Stored in Plaintext on Secure Vault High for Silabs Ember ZNet devices

Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs Ember ZNet SDK: 7.3.1 and earlier.

Affected Products
Vendor
silabs.com
Product
Ember ZNet SDK
Repo
https://github.com/SiliconLabs/gecko_sdk
Modules
  • SecureVault High
Platforms
  • 32 bit
  • ARM
Default Status
affected
Versions
Unaffected
  • 7.3.2
Problem Types
TypeCWE IDDescription
CWECWE-312CWE-312 Cleartext Storage of Sensitive Information
Type: CWE
CWE ID: CWE-312
Description: CWE-312 Cleartext Storage of Sensitive Information
Metrics
VersionBase scoreBase severityVector
3.16.8MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-458CAPEC-458 Flash Memory Attacks
CAPEC ID: CAPEC-458
Description: CAPEC-458 Flash Memory Attacks
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ZkKh7QAF?operationContext=S1
N/A
Hyperlink: https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ZkKh7QAF?operationContext=S1
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ZkKh7QAF?operationContext=S1
x_transferred
Hyperlink: https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ZkKh7QAF?operationContext=S1
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@silabs.com
Published At:26 Oct, 2023 | 14:15
Updated At:25 Sep, 2024 | 17:15

Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs Ember ZNet SDK: 7.3.1 and earlier.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.1MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Secondary3.16.8MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 6.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Type: Secondary
Version: 3.1
Base score: 6.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
silabs
silabs
>>emberznet_sdk>>Versions up to 7.3.1.0(inclusive)
cpe:2.3:a:silabs:emberznet_sdk:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-311Primarynvd@nist.gov
CWE-312Secondaryproduct-security@silabs.com
CWE ID: CWE-311
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-312
Type: Secondary
Source: product-security@silabs.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ZkKh7QAF?operationContext=S1product-security@silabs.com
Permissions Required
Hyperlink: https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ZkKh7QAF?operationContext=S1
Source: product-security@silabs.com
Resource:
Permissions Required

Change History

0
Information is not available yet

Similar CVEs

10Records found
CVE-2023-41095
Matching Score-10
Assigner-Silicon Labs
ShareView Details
Matching Score-10
Assigner-Silicon Labs
CVSS Score-6.8||MEDIUM
EPSS-0.04% / 8.78%
||
7 Day CHG~0.00%
Published-26 Oct, 2023 | 13:10
Updated-25 Sep, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Keys Stored in Plaintext on Secure Vault High for Silabs OpenThread devices

Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier.

Action-Not Available
Vendor-silabssilabs.com
Product-openthread_sdkOpenThread SDK
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2023-5138
Matching Score-8
Assigner-Silicon Labs
ShareView Details
Matching Score-8
Assigner-Silicon Labs
CVSS Score-6.8||MEDIUM
EPSS-0.05% / 13.64%
||
7 Day CHG~0.00%
Published-03 Jan, 2024 | 22:31
Updated-03 Jun, 2025 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Glitch detection not active by default in Silicon Labs Secure Vault High devices

Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except EFR32xG21B.

Action-Not Available
Vendor-silabssilabs.com
Product-gecko_software_development_kitGSDK
CWE ID-CWE-1319
Improper Protection against Electromagnetic Fault Injection (EM-FI)
CWE ID-CWE-909
Missing Initialization of Resource
CVE-2023-0970
Matching Score-8
Assigner-Silicon Labs
ShareView Details
Matching Score-8
Assigner-Silicon Labs
CVSS Score-7.1||HIGH
EPSS-0.03% / 6.86%
||
7 Day CHG~0.00%
Published-21 Jun, 2023 | 19:41
Updated-06 Dec, 2024 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Serial API Buffer Overflow in Z/IP Gateway

Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code.

Action-Not Available
Vendor-silabsSilicon Labs
Product-z\/ip_gateway_sdkZ/IP Gateway
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-9057
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-8.8||HIGH
EPSS-0.04% / 10.24%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 04:30
Updated-16 Sep, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. An attacker can also capture and replay Z-Wave traffic. Firmware upgrades cannot directly address this vulnerability as it is an issue with the Z-Wave specification for these legacy chipsets. One way to protect against this vulnerability is to use 500 or 700 series chipsets that support Security 2 (S2) encryption. As examples, the Linear WADWAZ-1 version 3.43 and WAPIRZ-1 version 3.43 (with 300 series chipsets) are vulnerable.

Action-Not Available
Vendor-linearsilabsLinearSilicon Labs
Product-300_series_firmwarewadwaz-1200_series_firmware100_series_firmwarewapirz-1300 seriesWADWAZ-1WAPIRZ-1100 series200 series
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2023-6874
Matching Score-6
Assigner-Silicon Labs
ShareView Details
Matching Score-6
Assigner-Silicon Labs
CVSS Score-7.5||HIGH
EPSS-0.06% / 18.53%
||
7 Day CHG~0.00%
Published-05 Feb, 2024 | 17:39
Updated-25 Sep, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zigbee Unauthenticated DoS via NWK Sequence number manipulation

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number

Action-Not Available
Vendor-silabssilabs.comsilabs
Product-gecko_software_development_kitGSDKgecko_software_development_kit
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2020-9058
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-8.1||HIGH
EPSS-0.03% / 5.25%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 04:30
Updated-16 Sep, 2024 | 23:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection.

Action-Not Available
Vendor-linearsilabsdomejascoDomeLinearSilicon LabsJasco
Product-lb60z-1dm501zw4201500_series_firmwareLB60Z-1DM501ZW4201500 series
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2025-4394
Matching Score-4
Assigner-Medtronic
ShareView Details
Matching Score-4
Assigner-Medtronic
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 1.01%
||
7 Day CHG~0.00%
Published-24 Jul, 2025 | 03:26
Updated-25 Jul, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability

Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025

Action-Not Available
Vendor-Medtronic
Product-MyCareLink Patient Monitor 24950MyCareLink Patient Monitor 24952
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2018-20008
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 7.56%
||
7 Day CHG~0.00%
Published-28 May, 2019 | 20:03
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console.

Action-Not Available
Vendor-iballn/a
Product-ib-wrb302n_firmwareib-wrb302nn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2023-30561
Matching Score-4
Assigner-Becton, Dickinson and Company (BD)
ShareView Details
Matching Score-4
Assigner-Becton, Dickinson and Company (BD)
CVSS Score-6.1||MEDIUM
EPSS-0.05% / 13.26%
||
7 Day CHG~0.00%
Published-13 Jul, 2023 | 19:03
Updated-22 Oct, 2024 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Lack of Cryptographic Security of IUI Bus

The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is running.

Action-Not Available
Vendor-Becton, Dickinson and Company
Product-alaris_8015_pcu_firmwarealaris_8015_pcuBD Alarisâ„¢ Point-of-Care Unit (PCU) Model 8015
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2020-35454
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 6.00%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 14:58
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration.

Action-Not Available
Vendor-taidiin/a
Product-diibearn/a
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
Details not found