Cyber Resilience

CVE-2025-3301

Low

Published: 29 April 2025

Published
29 April 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 1.0 CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0029 52.9th percentile
Risk Priority 2 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-3301 is a low-severity Comparison Logic is Vulnerable to Power Side-Channel Attacks (CWE-1255) vulnerability in Silabs (inferred from references). Its CVSS base score is 1.0 (Low).

Operationally, ranked in the top 47.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure…

more

of confidential information. The best practice is to use the impacted crypto curves and operations with ephemeral keys to reduce the number of DPA traces that can be collected.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Silabs
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References