CVE-2023-3024

{"id": "CVE-2023-3024", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "product-security@silabs.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.2, "exploitabilityScore": 1.6}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2023-09-29T17:15:47.043", "references": [{"url": "https://github.com/SiliconLabs/gecko_sdk", "tags": ["Product"], "source": "product-security@silabs.com"}, {"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ViQvHQAV/?operationContext=S1", "tags": ["Permissions Required", "Vendor Advisory"], "source": "product-security@silabs.com"}, {"url": "https://github.com/SiliconLabs/gecko_sdk", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000ViQvHQAV/?operationContext=S1", "tags": ["Permissions Required", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "product-security@silabs.com", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access."}, {"lang": "es", "value": "Obligar a la pila Bluetooth LE a segmentar paquetes de \"prepare write response\" puede provocar un acceso a la memoria fuera de los l\u00edmites."}], "lastModified": "2024-11-21T08:16:16.040", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:silabs:gecko_software_development_kit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3DE410C-55EC-4831-B7F1-66B341B1D760", "versionEndExcluding": "6.0.0", "versionStartIncluding": "1.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "715A9F94-5F9E-45E5-B07B-699410C01478"}, {"criteria": "cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "770F3924-BE27-4BDE-B922-680B3C9753EB"}, {"criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272"}, {"criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}, {"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D"}, {"criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE"}, {"criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}, {"criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@silabs.com"}