CVE-2023-3487

An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots.
Configurations

Configuration 1 (hide)

cpe:2.3:a:silabs:gecko_bootloader:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:17

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8
v2 : unknown
v3 : 7.7
References () https://community.silabs.com/s/contentdocument/0698Y00000ZmXqLQAV - Permissions Required () https://community.silabs.com/s/contentdocument/0698Y00000ZmXqLQAV - Permissions Required
References () https://github.com/SiliconLabs/gecko_sdk/releases - Release Notes () https://github.com/SiliconLabs/gecko_sdk/releases - Release Notes

25 Sep 2024, 16:15

Type Values Removed Values Added
CWE CWE-20
Summary (en) An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots. (en) An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots.

27 Oct 2023, 18:50

Type Values Removed Values Added
First Time Silabs
Silabs gecko Bootloader
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CWE CWE-190
References (MISC) https://github.com/SiliconLabs/gecko_sdk/releases - (MISC) https://github.com/SiliconLabs/gecko_sdk/releases - Release Notes
References (MISC) https://community.silabs.com/s/contentdocument/0698Y00000ZmXqLQAV - (MISC) https://community.silabs.com/s/contentdocument/0698Y00000ZmXqLQAV - Permissions Required
CPE cpe:2.3:a:silabs:gecko_bootloader:*:*:*:*:*:*:*:*

20 Oct 2023, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-20 15:15

Updated : 2024-11-21 08:17


NVD link : CVE-2023-3487

Mitre link : CVE-2023-3487

CVE.ORG link : CVE-2023-3487


JSON object : View

Products Affected

silabs

  • gecko_bootloader
CWE
CWE-125

Out-of-bounds Read

CWE-787

Out-of-bounds Write

CWE-190

Integer Overflow or Wraparound