CVE-2025-12986
📋 TL;DR
Silicon Labs WF200/WGM160P devices configured as Access Points are vulnerable to denial of service attacks via malformed packets. This can cause device crashes requiring hard resets, affecting organizations using these specific wireless modules in AP mode.
💻 Affected Systems
- Silicon Labs WF200
- Silicon Labs WGM160P
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Permanent device failure requiring physical intervention and replacement, disrupting critical wireless infrastructure.
Likely Case
Temporary service disruption with automatic recovery or manual reset needed, causing network downtime.
If Mitigated
Minimal impact with proper network segmentation and monitoring allowing quick detection and response.
🎯 Exploit Status
Malformed packet attacks typically require network access but no authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: N/A
Vendor Advisory: https://community.silabs.com/068Vm00000akaGr
Restart Required: No
Instructions:
Monitor Silicon Labs community for firmware updates. No official patch available at this time.
🔧 Temporary Workarounds
Reconfigure device mode
Change device configuration from Access Point mode to Station mode or other non-AP modes
Consult device configuration documentation for mode change procedures
Network segmentation
Isolate vulnerable devices in separate network segments with strict access controls
Configure firewall rules to restrict traffic to vulnerable devices
🧯 If You Can't Patch
- Implement strict network access controls to limit who can send packets to these devices
- Deploy network monitoring to detect malformed packet attacks and anomalous traffic patterns
🔍 How to Verify
Check if Vulnerable:
Check device configuration to confirm if operating in Access Point mode
Check Version:
Consult device documentation for firmware version check commands
Verify Fix Applied:
Verify device is no longer configured as Access Point or has updated firmware
📡 Detection & Monitoring
Log Indicators:
- Device crash logs
- Unexpected reboots
- Connection drops
Network Indicators:
- Malformed packet patterns
- Unusual traffic spikes to device management interfaces
SIEM Query:
N/A - device-specific logging required