CVE-2022-24936

Published
View on NVD ↗
CVSS v3
8.3
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade.

SiliconLabs/gecko_sdk
SiliconLabs/gecko_sdk
The Gecko SDK (GSDK) combines our Series 0 and Series 1 IoT product software development kits (SDKs) based on Gecko Platform into a single, integrated SDK.
GitHubGitHub
440