Gecko Security Vulnerabilities

CVE-2024-4013

A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection List (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the...

CVE-2023-45318

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this...

CVE-2023-39541

A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a...

CVE-2023-39540

A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a...

CVE-2023-6874

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence...

CVE-2023-6387

A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code...

CVE-2023-5138

Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except...

CVE-2023-4280

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted...

CVE-2023-41097

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through...

CVE-2023-4020

An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of...

CVE-2023-5310

A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint devices running Z-Wave SDK v7.20.3 (Gecko SDK v4.3.3) and earlier. This attack can be carried out only by devices on the network sending a stream of packets to the...

CVE-2023-31247

A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this...

CVE-2023-28391

A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this...

CVE-2023-27882

A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this...

CVE-2023-28379

A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this...

CVE-2023-24585

An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this...

CVE-2023-25181

A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted set of network packets can lead to arbitrary code execution. An attacker can send a malicious packet to trigger this...

CVE-2023-3487

An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage...

CVE-2023-3024

Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory...

CVE-2023-4041

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects...

CVE-2023-3488

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL...

CVE-2023-2747

The initialization vector (IV) used by the secure engine (SE) for encrypting data stored in the SE flash memory is...

CVE-2023-2686

Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the...

CVE-2023-2687

Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the...

CVE-2023-32099

Compiler removal of buffer clearing in sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to...

CVE-2023-2481

Compiler removal of buffer clearing in sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to...

CVE-2023-32097

Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to...

CVE-2023-0965

Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to...

CVE-2023-32096

Compiler removal of buffer clearing in sli_crypto_transparent_aead_encrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to...

CVE-2023-32100

Compiler removal of buffer clearing in sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to...

CVE-2023-32098

Compiler removal of buffer clearing in sli_se_sign_message in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to...

CVE-2023-1132

Compiler removal of buffer clearing in sli_se_driver_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to...

CVE-2023-0775

An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a...

CVE-2022-24939

A malformed packet containing an invalid destination address, causes a stack overflow in the Ember ZNet stack. This causes an assert which leads to a reset, immediately clearing the...

CVE-2022-24942

Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP...

CVE-2022-24936

Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader...

CVE-2015-1425

JAKWEB Gecko CMS has Multiple Input Validation...

CVE-2017-6038

A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the...

CVE-2017-6040

An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained...

CVE-2017-6036

A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web server receives a request, but does not sufficiently verify that the request is being sent to the expected...

CVE-2017-5163

An issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. After an administrator downloads a configuration file, a copy of the configuration file, which includes hashes of user passwords, is saved to a location that is accessible without...

CVE-2015-1424

Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2.3 allows remote attackers to hijack the authentication of administrators for requests that add an administrator user via a newuser request to...

CVE-2015-1423

Multiple SQL injection vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote administrators to execute arbitrary SQL commands via the (1) jak_delete_log[] or (2) ssp parameter to...

CVE-2015-1422

Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) horder[], (2) jak_catid, (3) jak_content, (4) jak_css, (5) jak_delete_log[], (6) jak_email, (7) jak_extfile, (8) jak_file, (9) jak_hookshow[], (10)....

CVE-2011-2366

Mozilla Gecko before 5.0, as used in Firefox before 5.0 and Thunderbird before 5.0, does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment...

CVE-2004-1639

Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows remote attackers to cause a denial of service (application crash or memory consumption) via a large binary file with a .html...