← volver
CVE-2023-4280

Unvalidated input in Silicon Labs TrustZone implementation leads to accessing Trusted memory region

CVSS 9.3 CRITICALEPSS 0.4%CWE-125CWE-787
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Productos afectados
silabs.com · GSDK

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://community.silabs.com/069Vm0000004NinIAEhttps://github.com/SiliconLabs/gecko_sdk