3 matches found
CVE-2023-4041
Silicon Labs Gecko Bootloader (ARM) contains a Buffer Copy without Checking Size ('Classic Buffer Overflow') along with an Out-of-bounds Write and Download of Code Without Integrity Check in its Firmware Update File Parser. This vulnerability may allow Code Injection and Authentication Bypass in ...
CVE-2022-24936
CVE-2022-24936 is a vulnerability in Silicon Labs Gecko Bootloader’s GBL parser, affecting Gecko Bootloader versions 4.0.1 and earlier. The issue is an out-of-bounds error in the GBL parser that could let an attacker overwrite critical flash keys (Sign key and OTA decryption key) through a malici...
CVE-2023-3487
The CVE-2023-3487 entry affects Silicon Labs Gecko Bootloader versions 4.3.1 and earlier, caused by an integer overflow that enables unbounded memory access when reading from or writing to storage slots. The vulnerability could impact firmware handling of storage slots, with the disclosed data in...