Silabs: Security Vulnerabilities
A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.003
Published
2023-11-14
A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.003
Published
2023-11-14
A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.002
Published
2023-11-14
A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.003
Published
2023-11-14
An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.
CVSS Score
7.7
EPSS Score
0.002
Published
2023-11-14
A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.002
Published
2023-11-14
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash.
This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-10-26
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules)
allows potential modification or extraction of network credentials stored in flash.
This issue affects Silicon Labs Ember ZNet SDK: 7.3.1 and earlier.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-10-26
An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots.
CVSS Score
7.7
EPSS Score
0.003
Published
2023-10-20
In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-10-10