https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 12:42:30 +0000 https://vulnerability.circl.lu/sighting/44bc8332-b3c9-4ccb-910c-da803f6eef2f/export {"uuid": "44bc8332-b3c9-4ccb-910c-da803f6eef2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113920092785772869", "content": "", "creation_timestamp": "2025-01-31T00:17:46.220312Z"} {"uuid": "44bc8332-b3c9-4ccb-910c-da803f6eef2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113920092785772869", "content": "", "creation_timestamp": "2025-01-31T00:17:46.220312Z"} https://vulnerability.circl.lu/sighting/44bc8332-b3c9-4ccb-910c-da803f6eef2f/export Fri, 31 Jan 2025 00:17:46 +0000 https://vulnerability.circl.lu/sighting/2f109c51-deef-42d9-a183-1dbbf90ecbfb/export {"uuid": "2f109c51-deef-42d9-a183-1dbbf90ecbfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23930", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3535", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23930\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the Media service, which listens on TCP port 42000 by default. The issue results from improper handling of error conditions. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.\n\ud83d\udccf Published: 2025-01-31T00:30:44Z\n\ud83d\udccf Modified: 2025-01-31T00:30:44Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-23930\n2. https://www.zerodayinitiative.com/advisories/ZDI-24-1043", "creation_timestamp": "2025-01-31T01:12:15.000000Z"} {"uuid": "2f109c51-deef-42d9-a183-1dbbf90ecbfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23930", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3535", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23930\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the Media service, which listens on TCP port 42000 by default. The issue results from improper handling of error conditions. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.\n\ud83d\udccf Published: 2025-01-31T00:30:44Z\n\ud83d\udccf Modified: 2025-01-31T00:30:44Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-23930\n2. https://www.zerodayinitiative.com/advisories/ZDI-24-1043", "creation_timestamp": "2025-01-31T01:12:15.000000Z"} https://vulnerability.circl.lu/sighting/2f109c51-deef-42d9-a183-1dbbf90ecbfb/export Fri, 31 Jan 2025 01:12:15 +0000 https://vulnerability.circl.lu/sighting/8c344511-7bee-4e62-bc3f-adbb16f8f0a6/export {"uuid": "8c344511-7bee-4e62-bc3f-adbb16f8f0a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3536", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23937\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the debug interface. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device.\n\ud83d\udccf Published: 2025-01-31T00:30:44Z\n\ud83d\udccf Modified: 2025-01-31T00:30:44Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-23937\n2. https://community.silabs.com/a45Vm0000000Atp\n3. https://www.zerodayinitiative.com/advisories/ZDI-24-869", "creation_timestamp": "2025-01-31T01:12:19.000000Z"} {"uuid": "8c344511-7bee-4e62-bc3f-adbb16f8f0a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3536", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23937\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the debug interface. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device.\n\ud83d\udccf Published: 2025-01-31T00:30:44Z\n\ud83d\udccf Modified: 2025-01-31T00:30:44Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-23937\n2. https://community.silabs.com/a45Vm0000000Atp\n3. https://www.zerodayinitiative.com/advisories/ZDI-24-869", "creation_timestamp": "2025-01-31T01:12:19.000000Z"} https://vulnerability.circl.lu/sighting/8c344511-7bee-4e62-bc3f-adbb16f8f0a6/export Fri, 31 Jan 2025 01:12:19 +0000 https://vulnerability.circl.lu/sighting/5a99a23d-97c1-4679-8c10-712c2663c9df/export {"uuid": "5a99a23d-97c1-4679-8c10-712c2663c9df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23930", "type": "seen", "source": "https://t.me/cvedetector/16852", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-23930 - \"Pioneer DMH-WT7600NEX Media Service Denial-of-Service Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-23930 \nPublished : Jan. 31, 2025, 12:15 a.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability. \n \nThe specific flaw exists within the Media service, which listens on TCP port 42000 by default. The issue results from improper handling of error conditions. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T02:49:08.000000Z"} {"uuid": "5a99a23d-97c1-4679-8c10-712c2663c9df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23930", "type": "seen", "source": "https://t.me/cvedetector/16852", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-23930 - \"Pioneer DMH-WT7600NEX Media Service Denial-of-Service Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-23930 \nPublished : Jan. 31, 2025, 12:15 a.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability. \n \nThe specific flaw exists within the Media service, which listens on TCP port 42000 by default. The issue results from improper handling of error conditions. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T02:49:08.000000Z"} https://vulnerability.circl.lu/sighting/5a99a23d-97c1-4679-8c10-712c2663c9df/export Fri, 31 Jan 2025 02:49:08 +0000 https://vulnerability.circl.lu/sighting/b17a9c2c-9e8f-4e3b-94ac-f45b61a23b6e/export {"uuid": "b17a9c2c-9e8f-4e3b-94ac-f45b61a23b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "seen", "source": "https://t.me/cvedetector/16853", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-23937 - Silicon Labs Gecko OS Format String Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-23937 \nPublished : Jan. 31, 2025, 12:15 a.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. \n \nThe specific flaw exists within the debug interface. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T02:49:12.000000Z"} {"uuid": "b17a9c2c-9e8f-4e3b-94ac-f45b61a23b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "seen", "source": "https://t.me/cvedetector/16853", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-23937 - Silicon Labs Gecko OS Format String Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-23937 \nPublished : Jan. 31, 2025, 12:15 a.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. \n \nThe specific flaw exists within the debug interface. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T02:49:12.000000Z"} https://vulnerability.circl.lu/sighting/b17a9c2c-9e8f-4e3b-94ac-f45b61a23b6e/export Fri, 31 Jan 2025 02:49:12 +0000 https://vulnerability.circl.lu/sighting/03719e3d-108b-4acf-88cd-8d71ce122bde/export {"uuid": "03719e3d-108b-4acf-88cd-8d71ce122bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23930", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgz2xzgzck2i", "content": "", "creation_timestamp": "2025-01-31T03:35:30.972733Z"} {"uuid": "03719e3d-108b-4acf-88cd-8d71ce122bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23930", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgz2xzgzck2i", "content": "", "creation_timestamp": "2025-01-31T03:35:30.972733Z"} https://vulnerability.circl.lu/sighting/03719e3d-108b-4acf-88cd-8d71ce122bde/export Fri, 31 Jan 2025 03:35:30 +0000 https://vulnerability.circl.lu/sighting/3754858d-3269-4fc8-a5fb-a4cbe5ad1028/export {"uuid": "3754858d-3269-4fc8-a5fb-a4cbe5ad1028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgz2y2shkt2k", "content": "", "creation_timestamp": "2025-01-31T03:35:37.821279Z"} {"uuid": "3754858d-3269-4fc8-a5fb-a4cbe5ad1028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgz2y2shkt2k", "content": "", "creation_timestamp": "2025-01-31T03:35:37.821279Z"} https://vulnerability.circl.lu/sighting/3754858d-3269-4fc8-a5fb-a4cbe5ad1028/export Fri, 31 Jan 2025 03:35:37 +0000 https://vulnerability.circl.lu/sighting/8b9eee18-e413-4319-b584-93dc0c6a95ca/export {"uuid": "8b9eee18-e413-4319-b584-93dc0c6a95ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7509", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23937\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the debug interface. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device.\n\ud83d\udccf Published: 2025-01-31T00:07:40.930Z\n\ud83d\udccf Modified: 2025-03-13T20:24:00.226Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-24-869/\n2. https://community.silabs.com/a45Vm0000000Atp", "creation_timestamp": "2025-03-13T20:43:20.000000Z"} {"uuid": "8b9eee18-e413-4319-b584-93dc0c6a95ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7509", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23937\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the debug interface. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device.\n\ud83d\udccf Published: 2025-01-31T00:07:40.930Z\n\ud83d\udccf Modified: 2025-03-13T20:24:00.226Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-24-869/\n2. https://community.silabs.com/a45Vm0000000Atp", "creation_timestamp": "2025-03-13T20:43:20.000000Z"} https://vulnerability.circl.lu/sighting/8b9eee18-e413-4319-b584-93dc0c6a95ca/export Thu, 13 Mar 2025 20:43:20 +0000 https://vulnerability.circl.lu/sighting/eba8251b-ed0c-481f-a4aa-d8450bbae415/export {"uuid": "eba8251b-ed0c-481f-a4aa-d8450bbae415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23930", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19958", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23930\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the Media service, which listens on TCP port 42000 by default. The issue results from improper handling of error conditions. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.\n\ud83d\udccf Published: 2025-01-31T00:01:54.514Z\n\ud83d\udccf Modified: 2025-06-30T17:28:19.529Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-24-1043/\n2. https://jpn.pioneer/ja/car/dl/dmh-sz700_sf700/", "creation_timestamp": "2025-06-30T18:08:14.000000Z"} {"uuid": "eba8251b-ed0c-481f-a4aa-d8450bbae415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23930", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19958", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23930\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the Media service, which listens on TCP port 42000 by default. The issue results from improper handling of error conditions. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.\n\ud83d\udccf Published: 2025-01-31T00:01:54.514Z\n\ud83d\udccf Modified: 2025-06-30T17:28:19.529Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-24-1043/\n2. https://jpn.pioneer/ja/car/dl/dmh-sz700_sf700/", "creation_timestamp": "2025-06-30T18:08:14.000000Z"} https://vulnerability.circl.lu/sighting/eba8251b-ed0c-481f-a4aa-d8450bbae415/export Mon, 30 Jun 2025 18:08:14 +0000 https://vulnerability.circl.lu/sighting/e9146f7a-8a5f-44e8-97aa-5bd5e109fe07/export {"uuid": "e9146f7a-8a5f-44e8-97aa-5bd5e109fe07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/20035", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23937\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the debug interface. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device.\n\ud83d\udccf Published: 2025-01-31T00:07:40.930Z\n\ud83d\udccf Modified: 2025-07-01T13:40:42.425Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-24-869/\n2. https://community.silabs.com/a45Vm0000000Atp", "creation_timestamp": "2025-07-01T14:11:23.000000Z"} {"uuid": "e9146f7a-8a5f-44e8-97aa-5bd5e109fe07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23937", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/20035", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23937\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the debug interface. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device.\n\ud83d\udccf Published: 2025-01-31T00:07:40.930Z\n\ud83d\udccf Modified: 2025-07-01T13:40:42.425Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-24-869/\n2. https://community.silabs.com/a45Vm0000000Atp", "creation_timestamp": "2025-07-01T14:11:23.000000Z"} https://vulnerability.circl.lu/sighting/e9146f7a-8a5f-44e8-97aa-5bd5e109fe07/export Tue, 01 Jul 2025 14:11:23 +0000