PT-2024-38 · Gigadevice · Gd32E23X+1
Published
2023-04-12
·
Updated
2023-04-12
CVSS v4.0
7.0
High
| Vector | AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
GigaDevice GD32 versions GD32E23x and GD32E50x
Description
The issue is related to insufficient access control in the microcode of GigaDevice GD32 controllers, specifically series GD32E23x and GD32E50x. This could allow an attacker to read data from SRAM or modify its state.
Recommendations
For versions GD32E23x and GD32E50x, consider implementing additional access control mechanisms to restrict unauthorized access to SRAM.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gd32E23X
Gd32E50X