CVE-2023-3488

Summary

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file.

Affected Software

VendorProductVersion RangeStatus
silabs.comGecko Bootloader0 <= 4.3.0affected

Weaknesses

  • CWE-908: CWE-908 Use of Uninitialized Resource

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References