CVE-2025-7964: CWE-229: Improper Handling of Values in silabs.com Silicon Labs Zigbee Stack
After receiving a malformed 802.15.4 MAC Data Request, the Zigbee Coordinator sends a ‘network leave’ request to the Zigbee Router, resulting in the Zigbee Router getting stuck in a non-rejoinable state. If a suitable parent is not available, the end devices will be unable to rejoin. A manual recommissioning is required to recover the Zigbee Router.
AI Analysis
Technical Summary
CVE-2025-7964 is a critical vulnerability in the Silicon Labs Zigbee Stack, in the Zigbee Coordinator's handling of malformed 802.15.4 MAC Data Request frames. When the Coordinator receives such a malformed request, it erroneously issues a 'network leave' command to a Zigbee Router. This causes the Router to enter a non-rejoinable state, effectively removing it from the Zigbee mesh network. Since Zigbee networks rely on hierarchical parent-child relationships for device connectivity, if the Router cannot rejoin and no alternative parent is available, the end devices connected through that Router lose network connectivity and cannot rejoin automatically. This results in a denial of service condition affecting network availability.
The vulnerability is classified under CWE-229 (Improper Handling of Values), indicating that the stack does not correctly validate or sanitize input values, which leads to this state corruption. The CVSS 4.0 base score of 9.2 reflects that the vulnerability is remotely exploitable over the network (AV:N), requires no privileges (PR:N), no user interaction (UI:N), and causes high impact on availability (VA:H). Because no authentication or user interaction is required, exploitation is straightforward for an attacker with network access to the Zigbee Coordinator. Although no known exploits have been reported in the wild, the potential for disruption in IoT and industrial environments using Silicon Labs Zigbee Stack is significant. The affected versions are not explicitly detailed beyond version '0', suggesting early or all versions of the stack may be impacted. No patches or fixes are currently linked, indicating that mitigation strategies must be applied at the network or operational level until vendor remediation is available.
Potential Impact
For European organizations, especially those deploying Zigbee-based IoT devices in smart buildings, industrial automation, energy management, or critical infrastructure, this vulnerability poses a severe risk to network availability. Disruption of Zigbee Routers can cause cascading connectivity failures for end devices, leading to loss of monitoring, control, or automation capabilities. This can impact operational continuity, safety systems, and energy efficiency measures. In sectors like manufacturing, utilities, and smart cities, such outages could result in financial losses, safety hazards, and regulatory non-compliance. The ease of exploitation without authentication means attackers with local network access or compromised devices could trigger widespread network outages. Additionally, manual recommissioning requirements increase operational overhead and downtime. Given the growing adoption of Zigbee in European IoT deployments, the vulnerability could affect a broad range of organizations, from SMEs to large enterprises, particularly those relying on Silicon Labs hardware or software stacks.
Mitigation Recommendations
1. Implement network segmentation to isolate Zigbee Coordinator devices from untrusted or less secure network segments, reducing exposure to malformed packets.
2. Deploy intrusion detection or anomaly detection systems capable of identifying malformed 802.15.4 MAC frames or unusual 'network leave' commands within Zigbee traffic.
3. Monitor Zigbee network health continuously to detect Router disconnections promptly and initiate rapid response procedures.
4. Prepare operational playbooks for manual recommissioning of Zigbee Routers to minimize downtime in case of exploitation.
5. Engage with Silicon Labs for updates or patches and apply them promptly once available.
6. Where possible, employ Zigbee stack versions with improved input validation or alternative vendor stacks not affected by this vulnerability.
7. Limit physical and network access to Zigbee Coordinators to trusted personnel and devices to reduce attack surface.
8. Conduct regular security assessments of IoT deployments to identify and remediate similar protocol handling weaknesses.
9. Educate operational technology teams on the implications of this vulnerability and response steps.
10. Consider fallback or redundant communication paths for critical IoT devices to maintain availability during disruptions.
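One way to approach recommendation 2, as an added example that is not part of the original advisory or of Silicon Labs code: a structural check on sniffed 802.15.4 MAC Data Request frames. The advisory does not say which malformation triggers the bug, so the checks are generic frame-format rules for frame versions 0 and 1; the function names, anomaly labels and sample frames are constructed for illustration.

```python
import struct

MAC_COMMAND = 0x3                # frame type subfield value
DATA_REQUEST = 0x04              # MAC command identifier
ADDR_LEN = {0: 0, 2: 2, 3: 8}    # addressing mode -> bytes; mode 1 is reserved

def data_request_anomalies(mpdu: bytes) -> list[str]:
    """Structural checks on one MAC frame (FCS already stripped by the sniffer)."""
    if len(mpdu) < 3:
        return ["truncated-header"]
    (fcf,) = struct.unpack_from("<H", mpdu, 0)
    if (fcf & 0x7) != MAC_COMMAND:
        return []                # beacon/data/ack frames: out of scope here
    if ((fcf >> 12) & 0x3) > 1:
        return ["unexpected-frame-version"]   # layout below covers versions 0/1 only
    if fcf & 0x0008:
        # Assumption: Zigbee secures at NWK/APS, so a MAC security bit is unexpected.
        return ["mac-security-bit-set"]
    dst_mode, src_mode = (fcf >> 10) & 0x3, (fcf >> 14) & 0x3
    if 1 in (dst_mode, src_mode):
        return ["reserved-addressing-mode"]
    pan_compressed = bool(fcf & 0x0040) and dst_mode != 0
    off = 3                      # frame control (2) + sequence number (1)
    if dst_mode:
        off += 2 + ADDR_LEN[dst_mode]
    if src_mode:
        off += (0 if pan_compressed else 2) + ADDR_LEN[src_mode]
    if off >= len(mpdu):
        return ["truncated-before-command-id"]
    if mpdu[off] != DATA_REQUEST:
        return []                # some other MAC command
    issues = []
    if src_mode == 0:
        issues.append("data-request-without-source-address")
    if len(mpdu) > off + 1:      # Data Request carries no command payload
        issues.append("data-request-trailing-bytes")
    return issues

# Constructed sample frames (hex), not captured from any real network.
SAMPLES = {
    "well-formed": "63882a341200006f7904",
    "trailing":    "63882b341200006f7904ffff",
    "truncated":   "63882c3412000067",
    "no-source":   "63082d3412000004",
}

def scan(samples=SAMPLES) -> dict[str, list[str]]:
    return {name: data_request_anomalies(bytes.fromhex(h)) for name, h in samples.items()}
```

Feeding the anomaly labels into the same alerting pipeline as Router disconnection events (recommendation 3) lets an operator see whether a flagged frame preceded a 'network leave'.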
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden, Belgium, Poland, Finland
Technical Details
- Data Version: 5.2
- Assigner Short Name: Silabs
- Date Reserved: 2025-07-21T17:44:17.730Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 697ccdf4ac0632022261106f
Added to database: 1/30/2026, 3:27:48 PM
Last enriched: 1/30/2026, 3:43:03 PM
Last updated: 1/30/2026, 6:17:38 PM