Simplicity Studio V5
Monthly
A command injection vulnerability exists in Silicon Labs Simplicity Studio V5 and Simplicity Installer Tool for Simplicity Studio V6, where vulnerable endpoints accept user-controlled input through URLs in JSON format, enabling arbitrary command execution. An attacker on the same network can exploit this to execute system commands, though parameter passing is restricted. While CVSS scoring is unavailable, the vulnerability represents a significant local network threat to development environments using these tools.
A command injection vulnerability exists in Silicon Labs Simplicity Studio V5 and Simplicity Installer Tool for Simplicity Studio V6, where vulnerable endpoints accept user-controlled input through URLs in JSON format, enabling arbitrary command execution. An attacker on the same network can exploit this to execute system commands, though parameter passing is restricted. While CVSS scoring is unavailable, the vulnerability represents a significant local network threat to development environments using these tools.