CVE Catalog

CVE-2023-3488

LowCVSS 3.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile — higher than 16% of all known CVEs

Summary

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file.

Risk Assessment

The organization may be exposed to sensitive data leakage, potentially leading to privacy breaches and information security issues.

Recommendation

It is recommended to upgrade to a newer version of GSDK to mitigate the risk associated with this vulnerability.

Original NVD description (English source)

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS