Skip to main content

RS9116 SDK CVE-2026-3290

| EUVDEUVD-2026-30381 HIGH
Insufficient Entropy in PRNG (CWE-332)
2026-05-14 Silabs GHSA-rjvv-82rg-ppqh
7.4
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

4
Analysis Generated
May 14, 2026 - 21:49 vuln.today
CVSS changed
May 14, 2026 - 20:22 NVD
7.4 (HIGH)
CVE Published
May 14, 2026 - 19:24 nvd
UNKNOWN (no severity yet)
CVE Published
May 14, 2026 - 19:24 nvd
HIGH 7.4

DescriptionCVE.org

Timing limitations of the HRNG in RS9116 when power save mode is enabled results in predictable values

AnalysisAI

Hardware random number generator (HRNG) in Silicon Labs RS9116 SDK versions up to 2.13.1 produces predictable cryptographic values when the wireless module operates in power save mode, enabling adjacent attackers with user interaction to compromise encrypted communications and authentication mechanisms. Vendor patch available via GitHub; no active exploitation confirmed but cryptographic weakness poses high risk to WiFi/Bluetooth IoT deployments relying on the affected module's entropy source.

Technical ContextAI

The RS9116 is a WiFi/Bluetooth combo wireless module from Silicon Labs targeting IoT applications. This vulnerability (CWE-332: Insufficient Entropy) affects the hardware random number generator (HRNG) component within the RS9116 SDK. When power save mode is enabled-a common configuration to extend battery life in IoT devices-timing constraints on the HRNG's operation introduce deterministic patterns in the generated random values. Cryptographic operations requiring entropy (key generation, nonce creation, session token generation) become predictable, fundamentally breaking the security assumptions of encryption, authentication protocols like WPA2/WPA3, and Bluetooth pairing. The affected product identified by CPE cpe:2.3:a:silicon_labs:rs9116_sdk:*:*:*:*:*:*:*:* encompasses all SDK versions through 2.13.1.

RemediationAI

Upgrade to RS9116 SDK version 2.13.2 or later, which addresses the HRNG timing vulnerability in power save mode. Patched firmware and SDK components are available from the Silicon Labs WiseConnect GitHub repository at https://github.com/SiliconLabs/wiseconnect-wifi-bt-sdk/. Consult the vendor advisory at https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm00000nIg6IIAS for migration guidance and compatibility notes. If immediate patching is not feasible, DISABLE POWER SAVE MODE on RS9116 modules to eliminate timing constraints on the HRNG-this trades increased power consumption for restored entropy quality and is suitable for mains-powered deployments but degrades battery life in portable devices. Additionally, implement application-layer cryptographic key diversification using external entropy sources (host MCU TRNG, server-provided session material) to reduce reliance on the module's HRNG-this requires application code changes and does not fully mitigate the vulnerability but provides defense-in-depth. Audit existing deployed devices for power save configuration and prioritize firmware updates for battery-operated units in security-sensitive roles.

Share

CVE-2026-3290 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy