CVE-2025-14547 | THREATINT

Description

An integer underflow vulnerability is present in Silicon Lab’s implementation of PSA Crypto and SE Manager EC-JPAKE APIs during ZKP parsing. Triggering the underflow can lead to a hard fault, causing a temporary denial of service.

PUBLISHED Reserved 2025-12-11 | Published 2026-02-20 | Updated 2026-02-20 | Assigner Silabs

LOW: 2.3CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-191 Integer Underflow (Wrap or Wraparound)

Product status

Default status

unaffected

Any version

affected

Default status

affected

Any version

affected

Credits

SecMate, including Maxime Rossi Bellom and Ramtine Tofighi Shirazi reporter

References

community.silabs.com/068Vm00000e1UTF vendor-advisory permissions-required

cve.org (CVE-2025-14547)

nvd.nist.gov (CVE-2025-14547)

Download JSON