Lucene search

SilabsCVELIST:CVE-2023-0969

HistoryJun 21, 2023 - 7:40 p.m.

CVE-2023-0969 Global read overflow in Z/IP Gateway

2023-06-2119:40:44

CWE-125

CWE-119

Silabs

www.cve.org

cve-2023-0969

global read overflow

z-wave range

array pointer

global memory disclosure

3.5 Low

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "Z/IP Gateway",
    "vendor": "Silicon Labs",
    "versions": [
      {
        "status": "unaffected",
        "version": "7.18.03"
      }
    ]
  }
]

References

siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1

3.5 Low

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2023-0969