Silicon Labs Gecko Platform Buffer Overread Vulnerability in CPC Application via SPI Interface
Vulnerability
A buffer overread vulnerability has been identified in the CPC application of the Silicon Labs Gecko Platform. This issue occurs when the application is operating in full duplex SPI mode and receives an invalid packet over the SPI interface, leading to potential information leakage or memory corruption.
Impact
Exploitation of this vulnerability can result in a buffer overread, which may lead to information leakage or memory corruption.
Remediation
Users can upgrade to the latest version of the Silicon Labs Simplicity SDK, which includes the patched version of the Gecko Platform. The latest version can be downloaded from the Silicon Labs GitHub repository.
