{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-11571", "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "state": "PUBLISHED", "assignerShortName": "Silabs", "dateReserved": "2025-10-09T16:26:44.833Z", "datePublished": "2026-03-24T16:26:32.789Z", "dateUpdated": "2026-03-24T17:43:07.517Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "shortName": "Silabs", "dateUpdated": "2026-03-24T16:26:32.789Z"}, "title": "Command Execution vulnerability in Simplicity Installer", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "affected": [{"vendor": "silabs.com", "product": "Simplicity Studio v5", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "5.11.2.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "silabs.com", "product": "Simplicity Installer tool (Silicon Labs Tool - SLT) for Simplicity Studio v6", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "1.0.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can open executables. However, the commands cannot pass parameters or arguments.\u00a0\nTo successfully execute this attack, the attacker needs to be on the same network.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can open executables. However, the commands cannot pass parameters or arguments.&nbsp;<br>To successfully execute this attack, the attacker needs to be on the same network.&nbsp;"}]}], "references": [{"url": "https://community.silabs.com/068Vm00000htltZ", "tags": ["permissions-required", "vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "LOW", "baseScore": 2.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-24T17:42:54.893187Z", "id": "CVE-2025-11571", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T17:43:07.517Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-11571", "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "state": "PUBLISHED", "assignerShortName": "Silabs", "dateReserved": "2025-10-09T16:26:44.833Z", "datePublished": "2026-03-24T16:26:32.789Z", "dateUpdated": "2026-03-24T17:43:07.517Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "shortName": "Silabs", "dateUpdated": "2026-03-24T16:26:32.789Z"}, "title": "Command Execution vulnerability in Simplicity Installer", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "affected": [{"vendor": "silabs.com", "product": "Simplicity Studio v5", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "5.11.2.1", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "silabs.com", "product": "Simplicity Installer tool (Silicon Labs Tool - SLT) for Simplicity Studio v6", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "1.0.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can open executables. However, the commands cannot pass parameters or arguments.\u00a0\nTo successfully execute this attack, the attacker needs to be on the same network.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can open executables. However, the commands cannot pass parameters or arguments.&nbsp;<br>To successfully execute this attack, the attacker needs to be on the same network.&nbsp;"}]}], "references": [{"url": "https://community.silabs.com/068Vm00000htltZ", "tags": ["permissions-required", "vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "LOW", "baseScore": 2.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-11571", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-24T17:42:54.893187Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-24T17:42:59.016Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can open executables. However, the commands cannot pass parameters or arguments.\u00a0\nTo successfully execute this attack, the attacker needs to be on the same network."}], "id": "CVE-2025-11571", "lastModified": "2026-03-25T15:41:58.280", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "product-security@silabs.com", "type": "Secondary"}]}, "published": "2026-03-24T17:16:25.863", "references": [{"source": "product-security@silabs.com", "url": "https://community.silabs.com/068Vm00000htltZ"}], "sourceIdentifier": "product-security@silabs.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "product-security@silabs.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.0.1]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "Simplicity Installer tool (Silicon Labs Tool - SLT) for Simplicity Studio v6", "source": "cna", "vendor": "silabs.com"}, "product": "simplicity_installer_tool_for_simplicity_studio_v6", "vendor": "silabs"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,5.11.2.1]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "Simplicity Studio v5", "source": "cna", "vendor": "silabs.com"}, "product": "simplicity_studio_v5", "vendor": "silabs"}], "analysis": {"en": {"generated_at": "2026-03-24T18:52:52.909059+00:00", "value": {"mitigation_remediation": ["Check for and install any updates to Simplicity Studio or the Installer component that remove the vulnerable JSON endpoint.", "Restrict network access to the installer\u2019s HTTP service to trusted hosts only, using firewall rules or network segmentation.", "If possible, disable or block the JSON URL endpoint to eliminate the attack surface while a patch is pending.", "Monitor network traffic for unusual JSON requests targeting the installer service and investigate any anomalies."], "summary": {"action": "Assess Impact", "impact": "Command Execution"}, "threat_synthesis": {"affected_systems": "The weakness affects Silicon Labs\u2019 Simplicity Installer tool that ships with Simplicity Studio version 6 and earlier version 5. No specific software revisions are listed, so all builds that include the vulnerable installer component are potentially impacted.", "description_and_impact": "Vulnerable endpoints in the Simplicity Installer accept JSON data that contains a URL, allowing the payload to be interpreted and executed as a command. The commands that can run are limited to opening executables; parameters or arguments cannot be supplied. This flaw therefore permits an attacker to launch predefined executable actions from within the installer environment, potentially compromising system integrity if the attacker can choose arbitrary executables. The vulnerability is exploitable only when the attacker can reach the target through the network that hosts the installer service, which narrows the threat to local\u2011network adversaries.", "risk_and_exploitability": "The CVSS score of 2.1 indicates that the flaw is considered low severity. While no EPSS value is available and the vulnerability is not cataloged in the CISA KEV list, the exploit is straightforward: an attacker on the same network can send a crafted JSON request to the exposed endpoint, triggering execution of a limited set of commands. Because the attack requires local network proximity and offers no parameter control, the overall risk to remote adversaries is minimal, but local attackers could use the flaw to run executables that may aid further compromise within the network."}}}}, "created": "2026-03-25T11:47:02.196624+00:00", "updated": "2026-03-25T20:49:47.995338+00:00", "vendors": ["silabs", "silabs$PRODUCT$simplicity_installer_tool_for_simplicity_studio_v6", "silabs$PRODUCT$simplicity_studio_v5"]}