CVE-2025-7964 (GCVE-0-2025-7964)

Vulnerability from cvelistv5 – Published: 2026-01-30 15:02 – Updated: 2026-01-30 15:36
VLAI
Title
Zigbee Router Denial of Service
Summary
After receiving a malformed 802.15.4 MAC Data Request the Zigbee Coordinator sends a ‘network leave’ request to Zigbee router resulting in the Zigbee Router getting stuck in a non-rejoinable state. If a suitable parent is not available, the end devices will be unable to rejoin. A manual recommissioning is required to recover the Zigbee Router.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-229 - Improper Handling of Values
Assigner
References
URL Tags
https://community.silabs.com/068Vm00000dspiL vendor-advisorypermissions-required
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7964",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-30T15:36:24.476564Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-30T15:36:46.637Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "GSDK",
          "product": "Silicon Labs Zigbee Stack",
          "repo": "https://github.com/SiliconLabs/gecko_sdk",
          "vendor": "silabs.com",
          "versions": [
            {
              "lessThanOrEqual": "4.4.6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "SiSDK",
          "product": "Silicon Labs Zigbee Stack",
          "repo": "https://github.com/SiliconLabs/simplicity_sdk",
          "vendor": "silabs.com",
          "versions": [
            {
              "lessThanOrEqual": "2025.6.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eAfter receiving a \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003emalformed 802.15.4 MAC Data Request\u003c/span\u003e\n\n the Zigbee Coordinator sends a \u2018network leave\u2019 request to Zigbee router resulting in the Zigbee Router getting stuck in a non-rejoinable state. If a suitable parent is not available, the end devices will be unable to rejoin.\u0026nbsp;A manual recommissioning is required to recover the Zigbee Router.\u003c/div\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "After receiving a \n\nmalformed 802.15.4 MAC Data Request\n\n the Zigbee Coordinator sends a \u2018network leave\u2019 request to Zigbee router resulting in the Zigbee Router getting stuck in a non-rejoinable state. If a suitable parent is not available, the end devices will be unable to rejoin.\u00a0A manual recommissioning is required to recover the Zigbee Router."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-153",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-153 Input Data Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-229",
              "description": "CWE-229: Improper Handling of Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-30T15:02:53.825Z",
        "orgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
        "shortName": "Silabs"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "permissions-required"
          ],
          "url": "https://community.silabs.com/068Vm00000dspiL"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Zigbee Router Denial of Service",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
    "assignerShortName": "Silabs",
    "cveId": "CVE-2025-7964",
    "datePublished": "2026-01-30T15:02:53.825Z",
    "dateReserved": "2025-07-21T17:44:17.730Z",
    "dateUpdated": "2026-01-30T15:36:46.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-7964",
      "date": "2026-06-30",
      "epss": "0.00276",
      "percentile": "0.19313"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-7964\",\"sourceIdentifier\":\"product-security@silabs.com\",\"published\":\"2026-01-30T16:16:11.960\",\"lastModified\":\"2026-06-17T10:06:03.520\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"After receiving a \\n\\nmalformed 802.15.4 MAC Data Request\\n\\n the Zigbee Coordinator sends a \u2018network leave\u2019 request to Zigbee router resulting in the Zigbee Router getting stuck in a non-rejoinable state. If a suitable parent is not available, the end devices will be unable to rejoin.\u00a0A manual recommissioning is required to recover the Zigbee Router.\"},{\"lang\":\"es\",\"value\":\"Despu\u00e9s de recibir una 802.15.4 MAC Data Request malformada, el Coordinador Zigbee env\u00eda una solicitud de \u0027abandono de red\u0027 al router Zigbee, lo que resulta en que el Router Zigbee queda atascado en un estado no reconectable. Si un padre adecuado no est\u00e1 disponible, los dispositivos finales no podr\u00e1n reconectarse. Se requiere una reconfiguraci\u00f3n manual para recuperar el Router Zigbee.\"}],\"affected\":[{\"source\":\"product-security@silabs.com\",\"affectedData\":[{\"vendor\":\"silabs.com\",\"product\":\"Silicon Labs Zigbee Stack\",\"defaultStatus\":\"unaffected\",\"packageName\":\"GSDK\",\"repo\":\"https://github.com/SiliconLabs/gecko_sdk\",\"versions\":[{\"version\":\"0\",\"lessThanOrEqual\":\"4.4.6\",\"versionType\":\"semver\",\"status\":\"affected\"}]},{\"vendor\":\"silabs.com\",\"product\":\"Silicon Labs Zigbee Stack\",\"defaultStatus\":\"unaffected\",\"packageName\":\"SiSDK\",\"repo\":\"https://github.com/SiliconLabs/simplicity_sdk\",\"versions\":[{\"version\":\"0\",\"lessThanOrEqual\":\"2025.6.1\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"product-security@silabs.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.2,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-01-30T15:36:24.476564Z\",\"id\":\"CVE-2025-7964\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"product-security@silabs.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-229\"}]}],\"references\":[{\"url\":\"https://community.silabs.com/068Vm00000dspiL\",\"source\":\"product-security@silabs.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-7964\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-30T15:36:24.476564Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-30T15:36:35.768Z\"}}], \"cna\": {\"title\": \"Zigbee Router Denial of Service\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-153\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-153 Input Data Manipulation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.2, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/SiliconLabs/gecko_sdk\", \"vendor\": \"silabs.com\", \"product\": \"Silicon Labs Zigbee Stack\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.4.6\"}], \"packageName\": \"GSDK\", \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://github.com/SiliconLabs/simplicity_sdk\", \"vendor\": \"silabs.com\", \"product\": \"Silicon Labs Zigbee Stack\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2025.6.1\"}], \"packageName\": \"SiSDK\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://community.silabs.com/068Vm00000dspiL\", \"tags\": [\"vendor-advisory\", \"permissions-required\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"After receiving a \\n\\nmalformed 802.15.4 MAC Data Request\\n\\n the Zigbee Coordinator sends a \\u2018network leave\\u2019 request to Zigbee router resulting in the Zigbee Router getting stuck in a non-rejoinable state. If a suitable parent is not available, the end devices will be unable to rejoin.\\u00a0A manual recommissioning is required to recover the Zigbee Router.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003eAfter receiving a \\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003emalformed 802.15.4 MAC Data Request\u003c/span\u003e\\n\\n the Zigbee Coordinator sends a \\u2018network leave\\u2019 request to Zigbee router resulting in the Zigbee Router getting stuck in a non-rejoinable state. If a suitable parent is not available, the end devices will be unable to rejoin.\u0026nbsp;A manual recommissioning is required to recover the Zigbee Router.\u003c/div\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-229\", \"description\": \"CWE-229: Improper Handling of Values\"}]}], \"providerMetadata\": {\"orgId\": \"030b2754-1501-44a4-bef8-48be86a33bf4\", \"shortName\": \"Silabs\", \"dateUpdated\": \"2026-01-30T15:02:53.825Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-7964\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-30T15:36:46.637Z\", \"dateReserved\": \"2025-07-21T17:44:17.730Z\", \"assignerOrgId\": \"030b2754-1501-44a4-bef8-48be86a33bf4\", \"datePublished\": \"2026-01-30T15:02:53.825Z\", \"assignerShortName\": \"Silabs\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…