CVE-2026-47145
Undergoing Analysis Undergoing Analysis - In Progress
EmberZNet Assertion Failure via Malformed Color Control Messages

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: Silicon Graphics (SGI)

Description
In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-06-25
AI Q&A
2026-06-25
EPSS Evaluated
N/A
NVD
CVE-2026-47145
EUVD
EUVD-2026-39399
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
silicon_labs emberznet 9.0.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-617 The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

In EmberZNet version 9.0.2 and earlier, there is a vulnerability where malformed Color Control messages can cause the software to assert and terminate the process unexpectedly.

These malformed messages must originate from a device that has already joined the network, and only devices that support the Color Control cluster are potentially affected.

Impact Analysis

This vulnerability can lead to the termination of the process handling the Color Control messages, which may cause a denial of service or disruption in the affected device's operation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-47145. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart