3.3
CVE-2023-2687
- EPSS 0.04%
- Veröffentlicht 02.06.2023 16:15:09
- Zuletzt bearbeitet 21.11.2024 07:59:05
- Quelle product-security@silabs.com
- Teams Watchlist Login
- Unerledigt Login
Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Silabs ≫ Gecko Software Development Kit Version <= 4.2.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.116 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
| product-security@silabs.com | 2.9 | 1.4 | 1.4 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
|
CWE-131 Incorrect Calculation of Buffer Size
The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.