CVE-2025-3873 is a medium-severity vulnerability affecting Silicon Labs' WiseConnect software stack, specifically versions prior to 3.4.0, including version 3.0.0. The vulnerability arises from an out-of-bounds write (CWE-787) in several cryptographic APIs: sl_si91x_aes, sl_si91x_gcm, sl_si91x_ccm, and sl_si91x_sha. These APIs fail to properly validate the size of the output buffer provided by the caller, which can lead to data corruption on the host Cortex-M4 application. The affected device is the Silicon Labs SiWx91x wireless microcontroller. The vulnerability does not require user interaction or authentication but does require low-level privileges (PR:L) to exploit. The CVSS 4.0 base score is 6.0, indicating a medium severity level. The attack vector is network-based (AV:N), but the attack complexity is high (AC:H), meaning exploitation requires specific conditions or expertise. The impact on confidentiality is low, but the impact on integrity and availability is high, as data corruption could cause application malfunction or denial of service. No known exploits are currently reported in the wild, and no patches are linked yet, though the issue is reserved and published as of mid-2025. The vulnerability affects cryptographic operations, which are critical for secure communications and data protection in embedded IoT and wireless devices using the SiWx91x platform.

For European organizations, the impact of CVE-2025-3873 could be significant in sectors relying on Silicon Labs SiWx91x-based devices, such as industrial automation, smart metering, building automation, and IoT deployments. Data corruption in cryptographic functions can lead to failures in secure communications, potentially causing device malfunctions, loss of data integrity, or denial of service. This could disrupt critical infrastructure operations or compromise the reliability of security-sensitive applications. Since the vulnerability affects the host Cortex-M4 application, it may also open avenues for further exploitation or system instability. Organizations using these devices in networked environments may face operational disruptions and increased risk of cascading failures. The medium severity rating suggests that while the vulnerability is not trivially exploitable, the consequences of exploitation could be impactful, especially in environments where device reliability and data integrity are paramount.

European organizations should take proactive steps to mitigate this vulnerability: 1) Identify all devices and systems using Silicon Labs SiWx91x microcontrollers with WiseConnect versions prior to 3.4.0. 2) Coordinate with Silicon Labs for timely updates or patches; monitor official channels for patch releases. 3) Until patches are available, implement network segmentation and strict access controls to limit exposure of vulnerable devices to untrusted networks. 4) Employ runtime integrity monitoring on host Cortex-M4 applications to detect anomalous behavior or data corruption early. 5) Conduct thorough testing of cryptographic functions in affected devices to identify potential failures. 6) Where feasible, replace or upgrade devices to versions with fixed firmware. 7) Incorporate vulnerability scanning and asset management tools to maintain visibility of affected devices. 8) Educate operational technology (OT) and IoT security teams about the risks and signs of exploitation related to this vulnerability. These targeted measures go beyond generic advice by focusing on device identification, network isolation, and proactive monitoring specific to the SiWx91x platform and its cryptographic APIs.