Silicon Labs OpenThread RCP Denial-of-Service Vulnerability via Corrupted SPI Packet Transmission

Vulnerability

A denial-of-service vulnerability has been identified in Silicon Labs OpenThread RCP, specifically in high-traffic environments. The SPI transmit buffer is not properly cleared, which can lead to corrupted packets being transmitted over SPI to the host. This corruption causes the host to reset the RCP, creating a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a denial-of-service condition by disrupting the normal operation of the RCP and requiring a manual reset to restore functionality.

Remediation

Users can upgrade to the latest version of the Silicon Labs OpenThread SDK to address this vulnerability. The patched version is listed in the Simplicity SDK release notes.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.2
remediation: 0.0
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.