CVE-2023-4041

CVSS V2 None CVSS V3 None

Description

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader.

Overview

CVE ID
CVE-2023-4041

Assigner
Silabs

Vulnerability Status
PUBLISHED

Published Version
2023-08-23T04:09:12.180Z

Last Modified Date
2023-08-23T04:09:12.180Z

Weakness Enumerations

CWE	URL
CWE-120	http://cwe.mitre.org/data/definitions/120.html
CWE-787	http://cwe.mitre.org/data/definitions/787.html
CWE-494	http://cwe.mitre.org/data/definitions/494.html

References

Reference URL	Reference Tags
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000XT8GsQAL?operationContext=S1

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-4041
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4041

History

Created	Old Value	New Value	Data Type	Notes
2024-06-24 19:40:39				Added to TrackCVE