An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HSilabs Gecko Software Development Kit
APPSilabs1.0.0 – 4.3.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2023-45318CRITICAL10.0PL ✓ten sam produkt
Heap-based buffer overflow w serwerze HTTP biblioteki uC-HTTP — RCE
CVE-2023-4020CRITICAL9.0PL ✓ten sam produkt
Błąd walidacji wejścia w TrustZone SDK Silicon Labs — dostęp do pamięci bezpiecznej
CVE-2023-27882CRITICAL9.0ten sam produkt
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Emb...
CVE-2023-28379CRITICAL9.0ten sam produkt
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-...
CVE-2023-25181CRITICAL9.0ten sam produkt
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP ...