← back
CVE-2023-4280

Unvalidated input in Silicon Labs TrustZone implementation leads to accessing Trusted memory region

CVSS 9.3 CRITICALEPSS 0.4%CWE-125CWE-787
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
silabs.com · GSDK

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://community.silabs.com/069Vm0000004NinIAEhttps://github.com/SiliconLabs/gecko_sdk