Don't let your old firmware keep you awake at night
Adversaries may have knowledge of a security flaw found in an older firmware version and attempt to take advantage of it. The adversary attempts to load previously signed to re-open a closed security flaw. Silicon Labs anti-rollback feature makes it possible for developers to prevent the installation of signed code that is older than the current firmware version. This feature addresses a type of vulnerability whereby an adversary attempts to exploit a product through an outdated or flawed version of firmware.
Additionally, Silicon Labs anti-rollback feature mitigates side-channel attacks including differential power analysis by making it virtually impossible for an adversary to repeatedly load old and new firmware to generate trace patterns and obtain confidential keys.
Our Product Security Incident Response Team (PSIRT) is responsible for ensuring the vulnerabilities discovered in our products are mitigated and communicated responsibly. If you detect a security threat, let us know.
Information on how to subscribe to security notices can be found here.