Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Products
OpenThread Border Router
Source
product-security@silabs.com
Tags
CVE-2024-3017 details
Published : June 27, 2024, 7:15 p.m.
Last Modified : June 27, 2024, 7:25 p.m.
Last Modified : June 27, 2024, 7:25 p.m.
Description
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi-protocol radio co-processor (RCP) causes the OpenThread Border Router(OTBR) application task running on the host platform to crash, allowing an attacker to cause a temporary denial-of-service.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6.5 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. |
CVSS Data
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
Base Score
6.5
Exploitability Score
2.8
Impact Score
3.6
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
| URL | Source |
|---|---|
| https://community.silabs.com/069Vm000007UEhZIAW | product-security@silabs.com |
| https://github.com/SiliconLabs/simplicity_sdk | product-security@silabs.com |
This website uses the NVD API, but is not approved or certified by it.