CVE-2023-2686

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jun 15, 2023
Updated: Jun 30, 2023
CWE ID 89

Summary

CVE-2023-2686 is a buffer overflow vulnerability affecting the Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK version 4.2.3 and earlier. An attacker can exploit this issue by sending malicious data to a connected device, causing the stack to overflow and allowing the attacker to write and execute arbitrary code. This can potentially lead to unauthorized access, data theft, or system crashes. Devices using the affected SDK version should be updated to the latest patch to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share