PT-2023-27441 · Silicon Labs · Gecko Bootloader

Published: 2023-07-20 · Updated: 2025-06-29 · CVE-2023-4041

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Silicon Labs Gecko Bootloader (affected versions not specified)

Description
The vulnerability is a Buffer Copy without Checking Size of Input (a 'Classic Buffer Overflow') combined with an Out-of-bounds Write, which together allow code injection and authentication bypass. The root cause is a Download of Code Without Integrity Check in the Firmware Update File Parser modules on ARM: update data is copied before its size and integrity have been verified. Both the "Standalone" and "Application" variants of the Gecko Bootloader are affected.

Recommendations
At the time of writing, no information is available about a release that fixes this vulnerability.
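The two weakness classes named in the description (copying a payload whose declared size is never checked against the destination buffer, and accepting downloaded code without an integrity check) are easiest to see against the order of checks a hardened update parser performs. The following is an added, constructed example and is not Gecko Bootloader code: the chunk layout (magic, length, HMAC-SHA256 tag, payload), the key, the staging-buffer size and the function names are all assumptions made for illustration. A real bootloader would verify a vendor signature rather than a shared-key MAC, but the ordering is the point: reject structurally bad input, bound the declared length by both the received bytes and the destination capacity, verify integrity, and only then copy.

```python
"""Hardened firmware-update chunk parser (constructed example, not a real format)."""
import hashlib
import hmac
import struct

# Constructed on-the-wire layout (assumption, not Gecko Bootloader's real format):
#   magic(4) | payload_len u32 LE | tag(32) | payload
# where tag = HMAC-SHA256(key, magic || payload_len || payload).
MAGIC = b"FWUP"
HEADER = struct.Struct("<4sI")
TAG_LEN = hashlib.sha256().digest_size      # 32 bytes
STAGING_CAP = 1024                          # fixed-size staging buffer, as on a constrained MCU


def _tag(key: bytes, header: bytes, payload: bytes) -> bytes:
    """MAC over header and payload so the length field is covered too."""
    return hmac.new(key, header + payload, hashlib.sha256).digest()


def build_chunk(key: bytes, payload: bytes) -> bytes:
    """Producer side, used here only to construct test input."""
    header = HEADER.pack(MAGIC, len(payload))
    return header + _tag(key, header, payload) + payload


def parse_chunk(key: bytes, chunk: bytes, staging: bytearray):
    """Validate one chunk and stage it. Returns (accepted, reason, bytes_written).

    Nothing is written to `staging` unless every check passes.
    """
    if len(chunk) < HEADER.size + TAG_LEN:
        return False, "short header", 0
    header = chunk[:HEADER.size]
    magic, declared_len = HEADER.unpack(header)
    if magic != MAGIC:
        return False, "bad magic", 0
    body = chunk[HEADER.size + TAG_LEN:]
    # Guard against the unchecked copy: the declared length must fit the
    # destination and must match what was actually received. Checking the
    # header's claim against the buffer capacity (not the other way round)
    # is what stops an oversized image from running past the staging area.
    if declared_len > len(staging):
        return False, "payload exceeds staging buffer", 0
    if declared_len != len(body):
        return False, "length mismatch", 0
    tag = chunk[HEADER.size:HEADER.size + TAG_LEN]
    # Integrity check before a single payload byte is copied; constant-time compare.
    if not hmac.compare_digest(tag, _tag(key, header, body)):
        return False, "integrity check failed", 0
    staging[:declared_len] = body
    return True, "ok", declared_len


def demo():
    """Run the parser over constructed good and bad chunks; returns the outcomes."""
    key = b"constructed-demo-key"          # constructed; a device would hold a verification key
    staging = bytearray(STAGING_CAP)
    results = {}

    good = build_chunk(key, bytes(range(256)) * 2)            # 512-byte payload
    results["good"] = parse_chunk(key, good, staging)

    # Header honestly declares a payload larger than the staging buffer.
    oversized = build_chunk(key, b"\xa5" * (STAGING_CAP + 1))
    results["oversized"] = parse_chunk(key, oversized, staging)

    # Payload modified after the tag was computed.
    tampered = bytearray(good)
    tampered[-1] ^= 0xFF
    results["tampered"] = parse_chunk(key, bytes(tampered), staging)

    # Header lies about the length: claims 8 bytes, 512 follow.
    length_lie = bytearray(good)
    length_lie[4:8] = struct.pack("<I", 8)
    results["length_lie"] = parse_chunk(key, bytes(length_lie), staging)

    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:10s} -> {outcome}")
```

Each rejection happens before the copy, so a chunk that fails any check leaves the staging buffer untouched; the capacity check is deliberately phrased in terms of the destination's size rather than the header's claim.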

Categories: Memory Corruption · Buffer Overflow

Weakness Enumeration

Related Identifiers: BDU:2025-05736, CVE-2023-4041

Affected Products: Gecko Bootloader