CVE-2023-4280

Description

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-4280
Base Score: 9.8
Base Severity: CRITICAL
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9

silabs
CVE ID: CVE-2023-4280
Base Score: 9.3
Base Severity: CRITICAL
Vector String:CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Impact Score: 6.0
Exploitability Score: 2.5

Refrence: NVD MITRE

Description​

Description