CVE-2023-2747
LOWSilabs Gecko Software Development Kit 2.0.0-2.2.0 - Weak Initialization Vector Generation in Secure Engine
Title source: llmDescription
The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in the SE flash memory is uninitialized.
References (2)
Core 2
Core References
Scores
CVSS v3
3.1
EPSS
0.0016
EPSS Percentile
5.9%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1204
CWE-908
Status
published
Products (1)
silabs/gecko_software_development_kit
2.0.0 - 2.2.1
Published
Jun 15, 2023
Tracked Since
Feb 18, 2026