PT-2024-28791 · Gecko Sdk+1 · Gecko Sdk+1

Published

2024-06-06

Updated

2024-06-07

CVE-2024-4013

CVSS v3.1

5.6

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Simplicity SDK (affected versions not specified) Gecko SDK (affected versions not specified)

Description A bug exists in the API, mesh node power off(), which fails to copy the contents of the Replay Protection List (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

CVE-2024-4013

Affected Products

Gecko Sdk

Simplicity Sdk

PT-2024-28791 · Gecko Sdk+1 · Gecko Sdk+1

CVE-2024-4013

Weakness Enumeration

Related Identifiers

Affected Products

References · 6