CVE-2023-6387

HIGH

Gecko SDK < 4.4.0 - Buffer Overflow in Bluetooth LE HCI CPC Sample Application

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-6387. PoCs published by A3ST1CODE.

AI-analyzed exploit summary This repository contains a Next.js-based scanner for detecting CVE-2023-6387, an OpenSSH vulnerability. It checks SSH banners against known vulnerable versions and caches results for efficiency.

Description

A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution

Exploits (1)

nomisec SCANNER

by A3ST1CODE · poc

https://github.com/A3ST1CODE/CVE_6387

View Code ZIP pw:eip

This repository contains a Next.js-based scanner for detecting CVE-2023-6387, an OpenSSH vulnerability. It checks SSH banners against known vulnerable versions and caches results for efficiency.

Classification

Scanner 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: OpenSSH (versions affected by CVE-2023-6387)

No auth needed

Prerequisites: Network access to target SSH ports · List of target IPs or CIDR ranges

MITRE ATT&CK

T1069.002 - Domain Groups T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Permissions Required

https://community.silabs.com/069Vm000000WNKuIAO

Release Notes

https://github.com/SiliconLabs/gecko_sdk/releases/tag/v4.4.0

Scores

CVSS v3 7.5

EPSS 0.0061

EPSS Percentile 44.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-125 CWE-131 CWE-787

Status published

Products (1)

silabs/gecko_software_development_kit < 4.4.0

Published Feb 02, 2024

Tracked Since Feb 18, 2026