CVE-2023-4020

Summary

An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory.

Affected Software

VendorProductVersion RangeStatus
silabs.comGSDK1.0 < 4.4.0affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read
  • CWE-787: CWE-787 Out-of-bounds Write

ADP Enrichment

CVE Program Container

Additional References

References