Vulnerability — CVE-2022-24936

CVE-2022-24936

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2022-24936
Description:: Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade.
Last updated date:: 11/03/2022

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/03/2022
Reference url to background: https://github.com/SiliconLabs/gecko_sdk/blame/2e82050dc8823c9fe0e8908c1b2666fb83056230/platform/bootloader/core/btl_bootload.c