exploitDog

CVE-2023-3488

Опубликовано: 28 июл. 2023

Источник: nvd

CVSS3: 3.8

CVSS3: 5.5

EPSS Низкий

Описание

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file.

Ссылки

https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000Wi3HwQAJ?operationContext=S1
Permissions Required
https://github.com/SiliconLabs/gecko_sdk/releases
Release Notes
https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000Wi3HwQAJ?operationContext=S1
Permissions Required
https://github.com/SiliconLabs/gecko_sdk/releases
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:silabs:gecko_software_development_kit:*:*:*:*:*:*:*:*

Версия до 4.3.0 (включая)

EPSS

Процентиль: 23%

0.00076

Низкий

3.8 Low

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-908

CWE-908

Связанные уязвимости

GHSA-p3wg-g3gr-3fxj

CVSS3: 3.8

github

больше 2 лет назад

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file.

EPSS

Процентиль: 23%

0.00076

Низкий

3.8 Low

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-908

CWE-908