An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.

Related CVEs

CVE-2023-4280

Key Information

GHSA ID

GHSA-3rwq-pxmh-pw55

Published

January 2, 2024 6:30 PM

Last Modified

January 2, 2024 6:30 PM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 16, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.