Vulnerabilities > Silabs > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-02 | CVE-2023-4280 | Unspecified vulnerability in Silabs Gecko Software Development KIT An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region. | 9.8 |
| 2023-12-15 | CVE-2023-4020 | Unspecified vulnerability in Silabs Gecko Software Development KIT An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory. | 9.1 |
| 2023-12-14 | CVE-2023-4489 | Use of Uninitialized Resource vulnerability in Silabs Z/Ip Gateway SDK 7.18.01/7.18.03 The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. | 9.8 |
| 2023-11-14 | CVE-2023-24585 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. | 9.8 |
| 2023-11-14 | CVE-2023-25181 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. | 9.8 |
| 2023-11-14 | CVE-2023-27882 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. | 9.8 |
| 2023-11-14 | CVE-2023-28379 | Out-of-bounds Write vulnerability in multiple products A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. | 9.8 |
| 2023-11-14 | CVE-2023-28391 | Out-of-bounds Write vulnerability in multiple products A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. | 9.8 |
| 2023-11-14 | CVE-2023-31247 | Out-of-bounds Write vulnerability in multiple products A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. | 9.8 |
| 2023-10-26 | CVE-2023-41095 | Missing Encryption of Sensitive Data vulnerability in Silabs Openthread SDK 2.3.0.0/2.3.1.0 Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier. | 9.1 |