+ "details": "### Summary\nA vulnerability exists in the Differential Power Analysis (DPA) countermeasures implemented within the hardware symmetric cryptographic (SYMCRYPTO) engine of Silicon Labs SixG301xxx devices. The masking or blinding sequences used to protect the cryptographic operations against side-channel analysis lack sufficient randomness and will eventually repeat. \n\n### Impact\nAn attacker with physical access to the device can perform Differential Power Analysis (DPA) to observe power consumption patterns over multiple operations. Because the side-channel protection sequences eventually repeat, the attacker can filter out the noise and extract sensitive cryptographic keys. Specifically, Key Storage Unit (KSU) keys wrapped or processed using the SYMCRYPTO engine are vulnerable to compromise through this flaw.\n\n### Remediation\nRefer to the Silicon Labs Community Advisory and official technical support channels to obtain firmware or SDK updates containing a revised cryptographic library or microcode patch that forces proper high-entropy seeding for the SYMCRYPTO DPA masking mechanisms.",
0 commit comments