CVE-2023-41097 is a medium-severity vulnerability identified in the Silicon Labs GSDK (Gecko SDK) up to version 4.4.0, affecting ARM-based platforms. The vulnerability arises from an observable timing discrepancy related to cryptographic operations using CBC mode with PKCS7 padding. Specifically, the issue is classified under CWE-208 (Observable Timing Discrepancy) and CWE-327 (Use of a Broken or Risky Cryptographic Algorithm). This timing discrepancy can be exploited as a covert timing channel, enabling an attacker to perform a Padding Oracle Crypto Attack. Such an attack allows an adversary to decrypt ciphertexts without knowledge of the encryption key by analyzing the time taken by the system to process different padding scenarios. The vulnerability stems from the cryptographic implementation in the GSDK, where the time taken to validate padding leaks information about the plaintext. While no known exploits are currently reported in the wild, the vulnerability poses a risk to confidentiality by potentially exposing sensitive encrypted data. The attack vector requires the attacker to interact with the cryptographic service, likely needing to send crafted ciphertexts and observe response times. The vulnerability does not appear to require authentication but does require the ability to interact with the affected cryptographic functions. No official patches or fixes have been published at the time of this report, and the issue was reserved in August 2023 and publicly disclosed in December 2023.

For European organizations, the primary impact of CVE-2023-41097 is the potential compromise of confidentiality of sensitive data protected by the affected cryptographic routines in Silabs GSDK on ARM devices. This SDK is commonly used in embedded systems, IoT devices, and industrial control systems, which are prevalent across sectors such as manufacturing, energy, healthcare, and smart infrastructure in Europe. Successful exploitation could lead to exposure of encrypted communications or stored data, undermining data privacy and potentially violating GDPR requirements. Additionally, organizations relying on Silabs GSDK for secure firmware or device authentication might face risks of unauthorized data disclosure or manipulation. While the vulnerability does not directly affect availability or integrity, the loss of confidentiality can have cascading effects, including loss of trust, regulatory penalties, and potential targeted attacks leveraging decrypted information. The lack of known exploits suggests a window for proactive mitigation, but the covert nature of the timing attack means detection may be challenging. European critical infrastructure and industries with high deployment of ARM-based embedded devices using Silabs GSDK are particularly at risk.

1. Immediate mitigation should focus on minimizing exposure of the vulnerable cryptographic functions by restricting access to interfaces that process encrypted data, especially from untrusted sources. 2. Implement network-level controls such as rate limiting and anomaly detection to identify unusual patterns that could indicate timing attack attempts. 3. Where possible, replace or upgrade cryptographic implementations to use authenticated encryption modes (e.g., AES-GCM) that are not vulnerable to padding oracle attacks. 4. If upgrading the GSDK is not immediately feasible, apply application-level mitigations such as constant-time padding validation routines to eliminate timing discrepancies. 5. Conduct thorough code reviews and penetration testing focusing on cryptographic operations to identify similar timing side-channels. 6. Monitor vendor communications closely for patches or updates addressing this vulnerability and plan prompt deployment once available. 7. For devices in critical roles, consider network segmentation and enhanced monitoring to limit attacker access. 8. Educate development and security teams about the risks of timing attacks and secure cryptographic practices to prevent recurrence.