CRITICAL🇵🇱 Wersja polska

CVE-2023-4280

CVSS 9.3v3.1pub. 2024-01-02upd. 2024-11-21

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Silabs Gecko Software Development Kit

    APP
    Silabs
    1.0.0 – 4.3.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-45318CRITICAL10.0PL ✓ten sam produkt

Heap-based buffer overflow w serwerze HTTP biblioteki uC-HTTP — RCE

CVE-2023-4020CRITICAL9.0PL ✓ten sam produkt

Błąd walidacji wejścia w TrustZone SDK Silicon Labs — dostęp do pamięci bezpiecznej

CVE-2023-27882CRITICAL9.0ten sam produkt

A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Emb...

CVE-2023-28379CRITICAL9.0ten sam produkt

A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-...

CVE-2023-25181CRITICAL9.0ten sam produkt

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP ...