ГлавнаяУязвимости → CVE-2023-4280
9.3критическая

CVE-2023-4280

Описание

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.

Затрагиваемое ПО
Silabs Gecko software development kit
CVSS
Балл9.3 — критическая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Источники
https://community.silabs.com/069Vm0000004NinIAEhttps://github.com/SiliconLabs/gecko_sdkhttps://community.silabs.com/069Vm0000004NinIAEhttps://github.com/SiliconLabs/gecko_sdk