CVE-2023-4041
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 23, 2023
Updated: Aug 29, 2023
CWE ID 416
Summary
CVE-2023-4041 affects the Silicon Labs Gecko Bootloader on ARM systems. It is a classic buffer overflow and out-of-bounds write in the firmware update file parser modules, and it results in code injection and authentication bypass. Both the "Standalone" and "Application" versions of the Gecko Bootloader are affected. Attackers can exploit this vulnerability to download code without proper integrity checks.