CVE-2023-41093 - Vulnerability Details - OpenCVE

Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker with precise timing capabilities to intercept a small number of packets intended for a recipient that has left the network.This issue affects Silabs Bluetooth SDK: through 8.0.0.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Silabs	Bluetooth Low Energy Software Development Kit

Configuration 1 [-]

cpe:2.3:a:silabs:bluetooth_low_energy_software_development_kit:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://community.silabs.com/068Vm000007v4HP

History

Tue, 10 Sep 2024 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Silabs Silabs bluetooth Low Energy Software Development Kit
CPEs		cpe:2.3:a:silabs:bluetooth_low_energy_software_development_kit::::::::
Vendors & Products		Silabs Silabs bluetooth Low Energy Software Development Kit

MITRE

Status: PUBLISHED

Assigner: Silabs

Published: 2024-07-12T19:56:16.225Z

Updated: 2024-08-02T18:46:11.834Z

Reserved: 2023-08-23T04:17:16.168Z

Link: CVE-2023-41093

Vulnrichment

Updated: 2024-08-02T18:46:11.834Z

NVD

Status : Undergoing Analysis

Published: 2024-07-12T20:15:02.380

Modified: 2024-11-21T08:20:33.030

Link: CVE-2023-41093

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-41093", "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "state": "PUBLISHED", "assignerShortName": "Silabs", "dateReserved": "2023-08-23T04:17:16.168Z", "datePublished": "2024-07-12T19:56:16.225Z", "dateUpdated": "2024-08-02T18:46:11.834Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://github.com/SiliconLabs/simplicity_sdk/releases", "defaultStatus": "affected", "packageName": "Bluetooth SDK", "platforms": ["32 bit", "ARM"], "product": "Simplicity SDK", "repo": "https://github.com/SiliconLabs/simplicity_sdk", "vendor": "Silicon Labs", "versions": [{"lessThanOrEqual": "8.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker with precise timing capabilities to intercept a small number of packets intended for a recipient that has left the network.<p>This issue affects Silabs Bluetooth SDK: through 8.0.0.</p>"}], "value": "Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker with precise timing capabilities to intercept a small number of packets intended for a recipient that has left the network.This issue affects Silabs Bluetooth SDK: through 8.0.0."}], "impacts": [{"capecId": "CAPEC-620", "descriptions": [{"lang": "en", "value": "CAPEC-620 Drop Encryption Level"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "shortName": "Silabs", "dateUpdated": "2024-07-12T19:56:16.225Z"}, "references": [{"url": "https://community.silabs.com/068Vm000007v4HP"}], "source": {"discovery": "UNKNOWN"}, "title": "Loss of confidentiality due to potential race condition in Bluetooth controller Connection_Handle reuse", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-30T18:47:03.784114Z", "id": "CVE-2023-41093", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-30T18:49:50.246Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:46:11.834Z"}, "title": "CVE Program Container", "references": [{"url": "https://community.silabs.com/068Vm000007v4HP", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://community.silabs.com/068Vm000007v4HP", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:46:11.834Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-41093", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-30T18:47:03.784114Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-30T18:49:45.935Z"}}], "cna": {"title": "Loss of confidentiality due to potential race condition in Bluetooth controller Connection_Handle reuse", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-620", "descriptions": [{"lang": "en", "value": "CAPEC-620 Drop Encryption Level"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/SiliconLabs/simplicity_sdk", "vendor": "Silicon Labs", "product": "Simplicity SDK", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "8.0.0"}], "platforms": ["32 bit", "ARM"], "packageName": "Bluetooth SDK", "collectionURL": "https://github.com/SiliconLabs/simplicity_sdk/releases", "defaultStatus": "affected"}], "references": [{"url": "https://community.silabs.com/068Vm000007v4HP"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker with precise timing capabilities to intercept a small number of packets intended for a recipient that has left the network.This issue affects Silabs Bluetooth SDK: through 8.0.0.", "supportingMedia": [{"type": "text/html", "value": "Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker with precise timing capabilities to intercept a small number of packets intended for a recipient that has left the network.<p>This issue affects Silabs Bluetooth SDK: through 8.0.0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "shortName": "Silabs", "dateUpdated": "2024-07-12T19:56:16.225Z"}}}, "cveMetadata": {"cveId": "CVE-2023-41093", "state": "PUBLISHED", "dateUpdated": "2024-08-02T18:46:11.834Z", "dateReserved": "2023-08-23T04:17:16.168Z", "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4", "datePublished": "2024-07-12T19:56:16.225Z", "assignerShortName": "Silabs"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:silabs:bluetooth_low_energy_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC0BCCD2-AFFE-4CA7-AE75-E2E4B4C1D9C5", "versionEndIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker with precise timing capabilities to intercept a small number of packets intended for a recipient that has left the network.This issue affects Silabs Bluetooth SDK: through 8.0.0."}, {"lang": "es", "value": "Vulnerabilidad de Use After Free en el SDK Bluetooth de Silicon Labs en 32 bits, ARM puede permitir que un atacante con capacidades de sincronizaci\u00f3n precisa intercepte una peque\u00f1a cantidad de paquetes destinados a un destinatario que ha abandonado la red. Este problema afecta al SDK Bluetooth de Silabs: hasta 8.0.0."}], "id": "CVE-2023-41093", "lastModified": "2024-11-21T08:20:33.030", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "product-security@silabs.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-12T20:15:02.380", "references": [{"source": "product-security@silabs.com", "tags": ["Permissions Required"], "url": "https://community.silabs.com/068Vm000007v4HP"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "https://community.silabs.com/068Vm000007v4HP"}], "sourceIdentifier": "product-security@silabs.com", "vulnStatus": "Undergoing Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "product-security@silabs.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}