First published: Thu Jun 15 2023
Buffer overflow in the Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows a connected device to write a payload onto the stack.
Credit: product-security@silabs.com
Affected Software | Affected Version | How to fix
---|---|---
Silabs Gecko Software Development Kit | <=4.2.3 |
CVE-2023-2686 is a buffer overflow vulnerability in the Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier.
CVE-2023-2686 has a severity rating of critical with a CVSS score of 9.8.
Silicon Labs Gecko SDK versions up to and including 4.2.3 are affected by CVE-2023-2686.
A connected device can exploit CVE-2023-2686 by writing a payload onto the stack.
Updating to a version of the Silicon Labs Gecko SDK later than 4.2.3 fixes CVE-2023-2686.