SixG301xxx CVE-2025-14972

EUVD-2025-209883 MEDIUM
Insufficient Entropy (CWE-331)
2026-05-15 product-security@silabs.com GHSA-6cr3-m628-79px
CVSS 4.0 score: 4.1

CVSS Vector (NVD)

CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Physical
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: X

Lifecycle Timeline

Analysis Generated: May 15, 2026 - 15:30, vuln.today

Description (NVD)

  • Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat.

  • KSU keys using SYMCRYPTO will be impacted by this vulnerability.

Analysis (AI)

Insufficient randomness in DPA countermeasures within the SYMCRYPTO engine on Silicon Labs SixG301xxx devices enables physical attackers to extract cryptographic keys through side-channel analysis. The predictable countermeasure patterns eventually repeat, undermining differential power analysis (DPA) protections for Key Storage Unit (KSU) keys. While exploitation requires physical access and sophisticated equipment (CVSS 4.0 AV:P/AC:H), successful attacks achieve high confidentiality impact by recovering symmetric cryptographic keys. No public exploit code or CISA KEV listing exists at time of analysis, and EPSS data is not available for this recently disclosed vulnerability.

Technical Context (AI)

This vulnerability affects the SYMCRYPTO cryptographic engine in Silicon Labs SixG301xxx wireless microcontroller devices. Differential Power Analysis (DPA) is a side-channel attack technique that recovers secret keys by statistically analyzing power consumption variations during cryptographic operations. Effective DPA countermeasures typically employ randomization techniques (masking, random delays, noise injection) to decorrelate power traces from key-dependent operations. The root cause is CWE-331 (Insufficient Entropy), indicating the random number generator or masking implementation used within SYMCRYPTO produces insufficiently random values that eventually enter predictable cycles. This repetition allows adversaries with physical access to collect sufficient power traces over time and perform correlation analysis to extract KSU-protected symmetric keys used for encryption, authentication, or secure storage functions within the device.
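A design-review check for the failure described above, as an added example that is not Silicon Labs code and does not model the SYMCRYPTO engine: it uses Brent's cycle detection to measure how many values a deterministic mask generator emits before its state repeats. The 16-bit LFSR and the 4-bit counter source are constructed stand-ins, and all function names are hypothetical.

```python
# Added example: measure how soon a deterministic mask generator repeats.
# Both generators are constructed stand-ins, NOT the SYMCRYPTO mechanism.
from typing import Callable, Tuple

def lfsr16_step(state: int) -> int:
    """One step of a 16-bit Galois LFSR (taps 0xB400, maximal period)."""
    lsb = state & 1
    state >>= 1
    if lsb:
        state ^= 0xB400
    return state

def stuck_step(state: int) -> int:
    """Constructed degenerate source: only the low 4 bits ever change."""
    return (state & 0xFFF0) | ((state + 1) & 0x000F)

def brent_cycle(step: Callable[[int], int], seed: int) -> Tuple[int, int]:
    """Return (tail, period) of the sequence seed, step(seed), ..."""
    power = period = 1
    tortoise, hare = seed, step(seed)
    while tortoise != hare:              # phase 1: find the cycle length
        if power == period:              # start a new power-of-two window
            tortoise, power, period = hare, power * 2, 0
        hare = step(hare)
        period += 1
    tortoise = hare = seed               # phase 2: find where the cycle starts
    for _ in range(period):
        hare = step(hare)
    tail = 0
    while tortoise != hare:
        tortoise, hare = step(tortoise), step(hare)
        tail += 1
    return tail, period

def masks_before_repeat(step: Callable[[int], int], seed: int) -> int:
    """Number of distinct states (mask values) before the stream repeats."""
    tail, period = brent_cycle(step, seed)
    return tail + period

if __name__ == "__main__":
    for name, step, seed in (("lfsr16", lfsr16_step, 0xACE1),
                             ("stuck", stuck_step, 0x1230)):
        print(f"{name}: {masks_before_repeat(step, seed)} masks before repeat")
```

A source whose count is small relative to the number of operations a key will see over the device's lifetime reuses masks under that key, which is the condition the description calls "will eventually repeat".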

Remediation (AI)

Apply firmware updates from Silicon Labs addressing CVE-2025-14972 when released. Monitor the Silicon Labs security advisory at https://community.silabs.com/068Vm00000M3cAX for patch availability and specific firmware version numbers. If patches are not immediately available or deployment is infeasible, implement physical security controls as compensating measures: restrict physical access to devices through tamper-evident enclosures, deploy devices in monitored or restricted-access locations, implement tamper detection circuitry that erases keys upon physical intrusion attempts, and establish procedures for secure device decommissioning that ensure cryptographic key erasure. For new deployments, consider alternative Silicon Labs device families with validated side-channel resistance if physical security cannot be guaranteed. Organizations with high-security requirements should perform a risk assessment of previously deployed devices to determine if key rotation or device replacement is warranted, particularly for devices that may have been in adversary-accessible locations. Note that physical security measures add operational complexity and cost but are the only effective mitigation prior to firmware patches.