CVE-2023-4280

SiliconLabs/gecko_sdk

on github

Published

January 2, 2024

Severity

CVSS v3:

9.8 CRITICAL

CVSS v2:

N/A

Description

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.

References

https://github.com/SiliconLabs/gecko_sdk
https://community.silabs.com/069Vm0000004NinIAE

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:silabs:gecko_software_development_kit::::::::	1.0.0 (including)	4.3.2 (including)	*

External Links

NVD - CVE-2023-4280