CVE-2023-3487
HIGHSilicon Labs Gecko Bootloader < 4.3.1 - Integer Overflow in Storage Slot Access
Title source: llmDescription
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots.
References (2)
Core 2
Core References
Permissions Required
https://community.silabs.com/s/contentdocument/0698Y00000ZmXqLQAV
Release Notes
https://github.com/SiliconLabs/gecko_sdk/releases
Scores
CVSS v3
7.7
EPSS
0.0024
EPSS Percentile
14.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-125
CWE-190
CWE-787
Status
published
Products (1)
silabs/gecko_bootloader
< 4.3.1
Published
Oct 20, 2023
Tracked Since
Feb 18, 2026