XSS in Silabs.com Simplicity Device Manager

CVE-2025-11004

The Simplicity Device Manager Tool has a Reflected XSS (Cross-site-scripting) vulnerability in several API endpoints. The attacker needs to be on the same network to execute this attack. These APIs can affect confidentiality, integrity, an…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.003 (17.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References