Out-of-bounds Read in Silabs.com Gsdk
CVE-2023-4280
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.
Vulnerability class: Buffer Overflow
EPSS: 0.001 (22.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.3 (Critical). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Silabs.com Gsdk — versions 1.0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2023-4280?
- CVE-2023-4280 is a critical-severity vulnerability in Silabs.com Gsdk, classified under Out-of-bounds Read. CVSS score: 9.3/10. Published 2024-01-02.
- How severe is CVE-2023-4280?
- Critical severity. CVSS v3 base score is 9.3 out of 10.