Vulnerability in Semtech Lr1110

CVE-2025-14858

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface…

EPSS: 0.000 (3.3th percentile) — read the EPSS interpretation.

Affected products

Semtech Lr1110 — versions 0
Semtech Lr1120 — versions 0
Semtech Lr1121 — versions 0

Weakness classification (CWE)

CWE-226 — Sensitive Information in Resource Not Removed Before Reuse

References

www.semtech.com/company/security/security-bulletins/sem-psa-2026-001