Lucene search

[email protected]CVE-2023-5138

HistoryJan 03, 2024 - 11:15 p.m.

CVE-2023-5138

2024-01-0323:15:08

CWE-909

[email protected]

web.nvd.nist.gov

nvd

cve-2023-5138

glitch detection

cortexm33

silicon labs

efx32xg2xb

efr32xg21b

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

20.7%

JSON

Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except EFR32xG21B.

CPENameOperatorVersion
silabs:gecko_software_development_kitsilabs gecko software development kitlt4.4.0
silabs:gecko_software_development_kitsilabs gecko software development kiteq4.2.2
silabs:gecko_software_development_kitsilabs gecko software development kiteq2.2.1
silabs:gecko_software_development_kitsilabs gecko software development kiteq4.2.3
silabs:gecko_software_development_kitsilabs gecko software development kiteq4.1.2
silabs:gecko_software_development_kitsilabs gecko software development kiteq2.1.0
silabs:gecko_software_development_kitsilabs gecko software development kiteq4.1.4
silabs:gecko_software_development_kitsilabs gecko software development kiteq4.2.0
silabs:gecko_software_development_kitsilabs gecko software development kiteq4.3.1
silabs:gecko_software_development_kitsilabs gecko software development kiteq4.1.3

CPE	Name	Operator	Version
silabs:gecko_software_development_kit	silabs gecko software development kit	lt	4.4.0
silabs:gecko_software_development_kit	silabs gecko software development kit	eq	4.2.2
silabs:gecko_software_development_kit	silabs gecko software development kit	eq	2.2.1
silabs:gecko_software_development_kit	silabs gecko software development kit	eq	4.2.3
silabs:gecko_software_development_kit	silabs gecko software development kit	eq	4.1.2
silabs:gecko_software_development_kit	silabs gecko software development kit	eq	2.1.0
silabs:gecko_software_development_kit	silabs gecko software development kit	eq	4.1.4
silabs:gecko_software_development_kit	silabs gecko software development kit	eq	4.2.0
silabs:gecko_software_development_kit	silabs gecko software development kit	eq	4.3.1
silabs:gecko_software_development_kit	silabs gecko software development kit	eq	4.1.3

Rows per page:

1-10 of 281

References

community.silabs.com/069Vm0000004f6DIAQ

github.com/SiliconLabs/gecko_sdk

6.8 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

20.7%

JSON

Related for CVE-2023-5138

osv1 prion1