GCVE - cpe:2.3:o:silabs:gecko_os:1.0.46:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:silabs:gecko_os:1.0.46:*:*:*:*:*:*:*

part: o version: 1.0.46 update: *

Vendor	Silabs (`23d6bce5-f2eb-5a47-a0ef-8e615f48c9bf`)
Product	Gecko Os (`66ad8456-00f6-5526-9918-e1ca49970a4a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/siliconlabs/gecko_sdk`	purl2cpe	2026-06-01 10:18:16.420139

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-2838`	vulnerable	2026-06-03 15:00:26.639364	Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability MEDIUM (6.5) Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of DNS responses. The issue results from a logic error that can lead to an infinite loop. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-23392. Published: 2025-03-26T21:16:33.186Z Updated: 2025-03-27T14:52:53.920Z Open on db.gcve.eu Reference links https://www.zerodayinitiative.com/advisories/ZDI-24-872/ https://community.silabs.com/a45Vm0000000Atp	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-2837`	vulnerable	2026-06-03 15:00:26.638761	Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability HIGH (8.8) Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23245. Published: 2025-03-26T21:16:28.720Z Updated: 2025-03-27T15:05:03.581Z Open on db.gcve.eu Reference links https://www.zerodayinitiative.com/advisories/ZDI-24-871/ https://community.silabs.com/a45Vm0000000Atp	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-23938`	vulnerable	2026-06-03 14:55:04.946776	Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability HIGH (8.8) Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the debug interface. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23184 Published: 2024-09-28T06:06:43.976Z Updated: 2024-10-03T14:12:41.628Z Open on db.gcve.eu Reference links https://www.zerodayinitiative.com/advisories/ZDI-24-868/ https://community.silabs.com/a45Vm0000000Atp	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.