CVE-2023-51393 MEDIUM

CVE-2023-51393: Potential DoS due to BusFault and Assert in Ember ZNet legacy packet buffer

Weakness CWE-770 · Uncontrolled resource consumption
Published February 23, 2024
Last update April 22, 2025

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered as part of Silicon Labs Gecko SDK v4.4.0) which may enable attackers to trigger a bus fault and crash of the device, requiring a reboot in order to rejoin the network.

Key dates

02Disclosure timeline

February 23, 2024 CVE published
April 22, 2025 Record updated