Lucene search

[email protected]CVE-2023-51394

HistoryFeb 23, 2024 - 8:15 p.m.

CVE-2023-51394

2024-02-2320:15:51

CWE-476

[email protected]

web.nvd.nist.gov

cve-2023-51394

silicon labs

ember znet sdk

null pointer dereference

vulnerability

system crash

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.8%

JSON

High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs’s Ember ZNet SDK before v7.4.0, causing a system crash.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "packageName": "Ember ZNet SDK",
    "platforms": [
      "32 bit",
      "ARM"
    ],
    "product": "Ember ZNet SDK",
    "repo": "https://github.com/SiliconLabs/gecko_sdk/releases",
    "vendor": "silabs.com",
    "versions": [
      {
        "lessThan": "7.4.0",
        "status": "affected",
        "version": "0",
        "versionType": "7.4.x"
      }
    ]
  }
]

References

community.silabs.com/068Vm000001NL4u

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.8%

JSON

Related for CVE-2023-51394

nvd1 prion1 cvelist1