CVE-2025-14857

Name: CVE-2025-14857
Creator: NVD / NIST
Published: 2026-04-07T20:16:21.253+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.4/10EPSS 0.24%

Last modified Jun 17, 2026

This CVE is reserved or awaiting analysis. Details will appear once published by NVD.

Description

An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI interface can overwrite stack memory to hijack program control flow and achieve limited arbitrary code execution. However, the impact is limited to the active attack session: the device's secure boot mechanism prevents persistent firmware modification, the crypto engine isolates cryptographic keys from direct firmware access, and all modifications are lost upon device reboot or loss of physical access.

Metrics

CVSS 4.0

5.4/10

CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:X

EPSS Probability

0.24%

15.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-123

References

https://www.semtech.com/company/security/security-bulletins/sem-psa-2026-001

Timeline

Published: Apr 7, 2026
Last Modified: Jun 17, 2026
Status: Awaiting Analysis

Are you affected by CVE-2025-14857?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST