Cyber Resilience

CVE-2026-47154

High

Published: 25 June 2026

Published
25 June 2026
Modified
25 June 2026
KEV Added
Patch
CVSS Score v4 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0025 16.1th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-47154 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Silabs Emberznet. Its CVSS base score is 7.1 (High).

Operationally, ranked at the 16.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to…

more

the sender was observed. Only devices supporting the Simple Metering cluster may be impacted.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

silabs
emberznet
≤ 9.0.2

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References