Description
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.
CVSS Metrics
- Vector
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Attack Vector
- local
- Complexity
- low
- Privileges
- none
- User Action
- none
- Scope
- changed
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-125CWE-787NVD-CWE-noinfo
Metadata
- Primary Vendor
- SILABS
- Published
- 1/2/2024
- Last Modified
- 11/21/2024
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
silabs : gecko_software_development_kit
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.