Monthly
Predictable cryptographic key generation in Silicon Labs EFR32xG27 wireless SoCs stems from incorrect use of the on-chip PUF (Physical Unclonable Function) when deriving user keys, allowing an adjacent attacker to anticipate or reconstruct keys that should be unique and secret. Affected firmware built with the Silicon Labs SiSDK loses the confidentiality and authentication guarantees of derived keys. No public exploit identified at time of analysis; the issue was self-reported by Silicon Labs and a vendor patch is available.
Predictable cryptographic key generation in Silicon Labs EFR32xG27 wireless SoCs stems from incorrect use of the on-chip PUF (Physical Unclonable Function) when deriving user keys, allowing an adjacent attacker to anticipate or reconstruct keys that should be unique and secret. Affected firmware built with the Silicon Labs SiSDK loses the confidentiality and authentication guarantees of derived keys. No public exploit identified at time of analysis; the issue was self-reported by Silicon Labs and a vendor patch is available.