CVE-2025-14547 LOW

CVE-2025-14547: ECJ-PAKE Integer Underflow Vulnerability in Silicon Labs PSA Crypto and SE Manager APIs

Vendor Silabs.com
Product Simplicity SDK
Weakness CWE-191
Published February 20, 2026
Last update February 20, 2026

CVSS base score

2.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

An integer underflow vulnerability is present in Silicon Lab’s implementation of PSA Crypto and SE Manager EC-JPAKE APIs during ZKP parsing. Triggering the underflow can lead to a hard fault, causing a temporary denial of service.

Key dates

02Disclosure timeline

February 20, 2026 CVE published
February 20, 2026 Record updated