CVE-2023-4280

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-4280
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4280.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-4280
Published
2024-01-02T17:15:09.520Z
Modified
2026-04-10T05:02:16.174289Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.

References

Affected packages

Git / github.com/siliconlabs/gecko_sdk

Affected ranges

Type
GIT
Repo
https://github.com/siliconlabs/gecko_sdk
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1228a95262ee099a21c6be4d35224479c8e4dde2
Database specific 
{
    "versions": [
        {
            "introduced": "1.0.0"
        },
        {
            "last_affected": "4.3.2"
        }
    ]
}

Affected versions

v4.*
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.3.0
v4.3.1
v4.3.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4280.json"