Lucene search

K
cve[email protected]CVE-2023-3110
HistoryJun 21, 2023 - 8:15 p.m.

CVE-2023-3110

2023-06-2120:15:10
CWE-119
CWE-120
web.nvd.nist.gov
13
silabs
unify gateway
cve-2023-3110
vulnerability
stack buffer overflow
arbitrary code execution
nvd

9.6 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.1%

Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.

Affected configurations

NVD
Node
silabsunify_software_development_kitRange1.3.1

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "Unify Gateway",
    "vendor": "Silicon Labs",
    "versions": [
      {
        "status": "unaffected",
        "version": "1.3.2"
      }
    ]
  }
]

9.6 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.1%

Related for CVE-2023-3110