Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader.
References
Link | Resource |
---|---|
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000XT8GsQAL?operationContext=S1 | Permissions Required |
Configurations
Configuration 1 (hide)
|
History
25 Sep 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-913 | |
Summary | (en) Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader. |
29 Aug 2023, 14:40
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-494 CWE-787 CWE-120 |
|
References | (MISC) https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000XT8GsQAL?operationContext=S1 - Permissions Required | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
First Time |
Silabs gecko Bootloader
Silabs |
|
CPE | cpe:2.3:a:silabs:gecko_bootloader:*:*:*:*:*:*:arm:* |
23 Aug 2023, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-23 05:15
Updated : 2024-09-25 17:15
NVD link : CVE-2023-4041
Mitre link : CVE-2023-4041
CVE.ORG link : CVE-2023-4041
JSON object : View
Products Affected
silabs
- gecko_bootloader