3 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots. Un desbordamiento de enteros en Silicon Labs Gecko Bootloader versión 4.3.1 y anteriores permite acceso ilimitado a la memoria al leer o escribir en ranuras de almacenamiento. • https://community.silabs.com/s/contentdocument/0698Y00000ZmXqLQAV https://github.com/SiliconLabs/gecko_sdk/releases • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader. • https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000XT8GsQAL?operationContext=S1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-494: Download of Code Without Integrity Check CWE-787: Out-of-bounds Write CWE-913: Improper Control of Dynamically-Managed Code Resources •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1

Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade. El error fuera de límites en el analizador GBL en Silicon Labs Gecko Bootloader versión 4.0.1 y anteriores permite al atacante sobrescribir la clave de firma flash y la clave de descifrado OTA mediante una actualización maliciosa del gestor de arranque. • https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000Gdop4QAB?operationContext=S1 https://github.com/SiliconLabs/gecko_sdk/blame/2e82050dc8823c9fe0e8908c1b2666fb83056230/platform/bootloader/core/btl_bootload.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •