CVE-2023-4041

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 23, 2023
Updated: Aug 29, 2023
CWE ID 416

Summary

CVE-2023-4041 is a vulnerability in the Silicon Labs Gecko Bootloader on ARM systems. It involves a classic buffer overflow and an out-of-bounds write in the firmware update file parser modules, resulting in code injection and authentication bypass. Both the "Standalone" and "Application" versions of the Gecko Bootloader are affected. Attackers can exploit this vulnerability to download code without proper integrity checks, potentially leading to serious security consequences.
