CVE-2025-2329

Published: Jul 25, 2025

Modified: Aug 4, 2025

PUBLISHED

Description

In high traffic environments, a Silicon Labs OpenThread RCP (see impacted versions) fails to clear the SPI transmit buffer and may send a corrupt packet over SPI to its host, causing the host to reset the RCP which results in a denial of service.

Vendor	Product	Versions
silabs.com	OpenThread	affected `2.5.0 - <= 2.5.2` affected `2.6.0 - <= 2.6.2` affected `0 - <= 2.4.6`

Weaknesses (CWE)

CWE-908

References

https://github.com/SiliconLabs/simplicity_sdk/releases

release-notes

https://github.com/SiliconLabs/gecko_sdk/releases

release-notes

https://community.silabs.com/069Vm00000SNyueIAD

vendor-advisory

permissions-required

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-2329

Description

Affected Products

Weaknesses (CWE)

References