Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader.
History

Thu, 03 Oct 2024 14:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:silabs:gecko_bootloader:*:*:*:*:*:*:*:*
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 25 Sep 2024 16:30:00 +0000

Type Values Removed Values Added
Description Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader. Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader.
Weaknesses CWE-913

cve-icon MITRE

Status: PUBLISHED

Assigner: Silabs

Published: 2023-08-23T04:09:12.180Z

Updated: 2024-10-03T14:08:22.261Z

Reserved: 2023-08-01T13:45:33.620Z

Link: CVE-2023-4041

cve-icon Vulnrichment

Updated: 2024-08-02T07:17:11.849Z

cve-icon NVD

Status : Modified

Published: 2023-08-23T05:15:47.990

Modified: 2024-11-21T08:34:16.910

Link: CVE-2023-4041

cve-icon Redhat

No data.