3.3
CVE-2023-2687
- EPSS 0.04%
- Published 02.06.2023 16:15:09
- Last modified 21.11.2024 07:59:05
- Source product-security@silabs.com
- Teams watchlist Login
- Open Login
Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap.
Data is provided by the National Vulnerability Database (NVD)
Silabs ≫ Gecko Software Development Kit Version <= 4.2.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.116 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
| product-security@silabs.com | 2.9 | 1.4 | 1.4 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
|
CWE-131 Incorrect Calculation of Buffer Size
The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.