Lucene search

[email protected]NVD:CVE-2023-32100

HistoryMay 18, 2023 - 7:15 p.m.

CVE-2023-32100

2023-05-1819:15:09

CWE-14

[email protected]

web.nvd.nist.gov

compiler removal

buffer clearing

sli_se_driver_mac_compute

silicon labs

gecko platform sdk

key material duplication

ram

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%

JSON

Compiler removal of buffer clearing in

sli_se_driver_mac_compute

in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

Affected configurations

NVD

Node

silabsgecko_software_development_kitRange≤4.2.1

References

community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000U19lGQAR?operationContext=S1

github.com/SiliconLabs/gecko_sdk

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%

JSON

Related for NVD:CVE-2023-32100

cve1 prion1 cvelist1 osv1