CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

silabs

gecko_bootloader

3 known vulnerabilities · sorted by CVSS score

CVE-2023-4041

CRITICAL9.8

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader.

silabs / gecko_bootloader+1

Network

Published Aug 23, 2023

CVE-2022-24936

HIGH8.3

Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade.

silabs / gecko_bootloader

Adjacent

Published Nov 2, 2022

CVE-2023-3487

HIGH7.7

An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots.

silabs / gecko_bootloader

Local

Published Oct 20, 2023