CVE-2025-12986 identifies a denial of service vulnerability in the silabs.com Gecko SDK, specifically impacting WF200 and WGM160P wireless devices when configured as Access Points. The root cause is an insufficient resource pool (CWE-410) that fails to handle malformed packets properly, leading to resource exhaustion or instability. When exploited, the device may crash or become unresponsive, disrupting wireless network availability. The device may recover automatically or require a manual hard reset, which could cause operational downtime. The vulnerability is remotely exploitable without authentication or user interaction, increasing its risk profile. The CVSS 4.0 vector indicates attack vector as adjacent network (AV:A), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and high impact on availability (VA:H). No known exploits have been reported yet, but the vulnerability's nature makes it a potential target for attackers aiming to disrupt wireless infrastructure. The affected Gecko SDK is commonly used in embedded wireless modules for IoT and industrial applications, making this a concern for environments relying on these devices for network connectivity and control.

For European organizations, the primary impact is denial of service on wireless access points using the affected silabs.com Gecko SDK devices. This can lead to network outages, loss of connectivity for IoT devices, and potential disruption of critical industrial or commercial operations relying on these wireless networks. Organizations in sectors such as manufacturing, smart cities, healthcare, and utilities that deploy WF200/WGM160P modules may experience operational downtime and reduced service availability. The lack of authentication requirement and ease of exploitation over adjacent networks increase the risk of targeted attacks in environments where these devices are exposed. Although no data confidentiality or integrity impact is indicated, the availability disruption could have cascading effects on business continuity and safety systems. Recovery may require manual intervention, increasing operational overhead and incident response costs.

1. Monitor silabs.com communications for official patches or firmware updates addressing CVE-2025-12986 and apply them promptly once available. 2. Limit network exposure of WF200/WGM160P devices by segmenting wireless access points from untrusted or public networks using VLANs or firewall rules. 3. Implement network intrusion detection systems (NIDS) to identify and block malformed packets targeting these devices. 4. Regularly audit wireless device configurations to ensure they are not unnecessarily exposed or operating in Access Point mode unless required. 5. Develop incident response procedures to quickly identify and recover from device outages, including automated reboot scripts if supported. 6. Engage with silabs.com support for guidance on interim mitigations or configuration changes that reduce resource exhaustion risk. 7. Consider alternative hardware or SDK versions if patching is delayed and the risk is unacceptable for critical deployments.