Strong
Tensilica was acquired by Cadence Design Systems, Inc., in 2013. Cadence is actively investing in the innovative Tensilica processor architecture, as well as hiring new engineers and marketing people. Please see www.cadence.com for more information
Strong
As a market leader and global supplier of advanced micro-acoustic, audio processing, and specialty component solutions, serving the mobile consumer electronics, communications, medical, military, aerospace, and industrial markets, Knowles has achieved excellence for nearly 70 years. We strive to continuously reinvent our industry, and develop technology that improves the audio experience. Today, Knowles products are used by more than one billion people worldwide every day, enhancing how they interact with the world around them. Headquartered in Itasca, Illinois, Knowles has nearly 12,000 employees across 15 countries, including more than 800 engineers dedicated to pioneering acoustics and audio technology. This R&D investment, coupled with our state-of-the-art manufacturing facilities around the world, enable us to deliver advanced MEMS microphones, balanced armature speakers, voice processing and algorithms, and capacitors and timing devices. We see possibility in unexpected places, and are unified by a spirit of innovation to constantly push boundaries, drive the industry forward and enable people to experience improved voice and audio quality in every facet of their lives. We transform the way people communicate, interact with technology and enjoy sound. We are Knowles.
Security & Compliance Standards Overview
No incidents recorded for Tensilica in 2025.
No incidents recorded for Knowles Intelligent Audio in 2025.
Tensilica cyber incidents detection timeline including parent company and subsidiaries
Knowles Intelligent Audio cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
Improper Protection Against Voltage and Clock Glitches in FPGA devices, could allow an attacker with physical access to undervolt the platform resulting in a loss of confidentiality.
Malicious code was inserted into the Nx (build system) package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts.
Flag Forge is a Capture The Flag (CTF) platform. In versions from 2.1.0 to before 2.3.0, the API endpoint GET /api/problems/:id returns challenge hints in plaintext within the question object, regardless of whether the user has unlocked them via point deduction. Users can view all hints for free, undermining the business logic of the platform and reducing the integrity of the challenge system. This issue has been patched in version 2.3.0.
Flag Forge is a Capture The Flag (CTF) platform. In version 2.1.0, the /api/admin/assign-badge endpoint lacks proper access control, allowing any authenticated user to assign high-privilege badges (e.g., Staff) to themselves. This could lead to privilege escalation and impersonation of administrative roles. This issue has been patched in version 2.2.0.
parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.
