QwikSec

Security Database

CVE

CWE

Training

CVE-2025-1221

Published: Jul 30, 2025

Modified: Jul 30, 2025

PUBLISHED

Description

A Zigbee Radio Co-Processor (RCP), which is using SiLabs EmberZNet Zigbee stack, was unable to send messages to the host system (CPCd) due to heavy Zigbee traffic, resulting in a Denial of Service (DoS) attack, Only hard reset will bring the device to normal operation

Vendor	Product	Versions
silabs.com	Zigbee	affected `0 - <= 4.3.3` affected `4.4.3`
silabs.com	Zigbee	affected `0 - <= 2024.6.1`

Weaknesses (CWE)

References

https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-7.4.4.0.pdf

release-notes

https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.0.2.0.pdf

release-notes

https://www.silabs.com/documents/public/release-notes/emberznet-release-notes-8.1.0.0.pdf

release-notes

https://community.silabs.com/068Vm00000Sadyn

vendor-advisory

permissions-required

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2025-1221 - Security Vulnerability | QwikSec