CVE-2025-14055
Awaiting Analysis Awaiting Analysis - Queue

Integer Underflow in Silicon Labs Secure NCP Causes Buffer Overread

Vulnerability report for CVE-2025-14055, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-02-20

Last updated on: 2026-02-20

Assigner: Silicon Graphics (SGI)

Description

An integer underflow vulnerability in Silicon Labs Secure NCP host implementation allows a buffer overread via a specially crafted packet.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-02-20
Last Modified
2026-02-20
Generated
2026-07-06
AI Q&A
2026-02-20
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
silicon_labs secure_ncp *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-191 The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Impact Analysis

The impact of this vulnerability is a buffer overread, which could potentially lead to information disclosure or unexpected behavior in the affected system.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Executive Summary

This vulnerability is an integer underflow in the Silicon Labs Secure NCP host implementation. It allows a buffer overread when a specially crafted packet is processed.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14055. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart