CVE-2024-4013 (GCVE-0-2024-4013)

Vulnerability from cvelistv5 – Published: 2024-06-06 21:31 – Updated: 2024-08-01 20:26
VLAI?
Summary
A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection List (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning scheme was changed from Gecko SDK vX.Y.Z to Simplicity SDK YYYY.MM.Patch#.
Severity ?
5.6 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE
  • CWE-404 - Improper Resource Shutdown or Release
Assigner
References
Impacted products
Vendor Product Version
silabs.com Gecko SDK Affected: 3.1.0 , ≤ 2024.06.0 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-4013",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-07T19:26:03.113833Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-07T19:26:14.015Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "permissions-required",
              "x_transferred"
            ],
            "url": "https://community.silabs.com/068Vm000006rR53"
          },
          {
            "tags": [
              "product",
              "x_transferred"
            ],
            "url": "https://github.com/SiliconLabs/gecko_sdk/releases"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "GSDK",
          "product": "Gecko SDK",
          "repo": "https://github.com/SiliconLabs/gecko_sdk/releases",
          "vendor": "silabs.com",
          "versions": [
            {
              "lessThanOrEqual": "2024.06.0",
              "status": "affected",
              "version": "3.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection \nList (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning scheme \nwas changed from Gecko SDK vX.Y.Z to Simplicity SDK YYYY.MM.Patch#."
            }
          ],
          "value": "A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection \nList (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning scheme \nwas changed from Gecko SDK vX.Y.Z to Simplicity SDK YYYY.MM.Patch#."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-679",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-679 Exploitation of Improperly Configured or Implemented Memory Protections"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "CWE-404 Improper Resource Shutdown or Release",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-06T21:31:53.472Z",
        "orgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
        "shortName": "Silabs"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "permissions-required"
          ],
          "url": "https://community.silabs.com/068Vm000006rR53"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/SiliconLabs/gecko_sdk/releases"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Failure to update BT Mesh Replay Protection List",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "030b2754-1501-44a4-bef8-48be86a33bf4",
    "assignerShortName": "Silabs",
    "cveId": "CVE-2024-4013",
    "datePublished": "2024-06-06T21:31:53.472Z",
    "dateReserved": "2024-04-19T17:58:42.900Z",
    "dateUpdated": "2024-08-01T20:26:57.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection \\nList (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning scheme \\nwas changed from Gecko SDK vX.Y.Z to Simplicity SDK YYYY.MM.Patch#.\"}, {\"lang\": \"es\", \"value\": \"Existe un error en la API, mesh_node_power_off(), que no puede copiar el contenido de la Lista de protecci\\u00f3n de reproducci\\u00f3n (RPL) de la RAM a la NVM antes de apagarse, lo que da como resultado la capacidad de reproducir mensajes no guardados. Tenga en cuenta que a partir de junio de 2024, el SDK de Gecko pas\\u00f3 a llamarse Simplicity SDK y el esquema de versiones se cambi\\u00f3 de Gecko SDK vX.YZ a Simplicity SDK AAAA.MM.Patch#.\"}]",
      "id": "CVE-2024-4013",
      "lastModified": "2024-11-21T09:42:01.980",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"product-security@silabs.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 5.6, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.4}]}",
      "published": "2024-06-06T22:15:10.943",
      "references": "[{\"url\": \"https://community.silabs.com/068Vm000006rR53\", \"source\": \"product-security@silabs.com\"}, {\"url\": \"https://github.com/SiliconLabs/gecko_sdk/releases\", \"source\": \"product-security@silabs.com\"}, {\"url\": \"https://community.silabs.com/068Vm000006rR53\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/SiliconLabs/gecko_sdk/releases\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "product-security@silabs.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"product-security@silabs.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-404\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-4013\",\"sourceIdentifier\":\"product-security@silabs.com\",\"published\":\"2024-06-06T22:15:10.943\",\"lastModified\":\"2024-11-21T09:42:01.980\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection \\nList (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning scheme \\nwas changed from Gecko SDK vX.Y.Z to Simplicity SDK YYYY.MM.Patch#.\"},{\"lang\":\"es\",\"value\":\"Existe un error en la API, mesh_node_power_off(), que no puede copiar el contenido de la Lista de protecci\u00f3n de reproducci\u00f3n (RPL) de la RAM a la NVM antes de apagarse, lo que da como resultado la capacidad de reproducir mensajes no guardados. Tenga en cuenta que a partir de junio de 2024, el SDK de Gecko pas\u00f3 a llamarse Simplicity SDK y el esquema de versiones se cambi\u00f3 de Gecko SDK vX.YZ a Simplicity SDK AAAA.MM.Patch#.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"product-security@silabs.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"product-security@silabs.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-404\"}]}],\"references\":[{\"url\":\"https://community.silabs.com/068Vm000006rR53\",\"source\":\"product-security@silabs.com\"},{\"url\":\"https://github.com/SiliconLabs/gecko_sdk/releases\",\"source\":\"product-security@silabs.com\"},{\"url\":\"https://community.silabs.com/068Vm000006rR53\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/SiliconLabs/gecko_sdk/releases\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://community.silabs.com/068Vm000006rR53\", \"tags\": [\"vendor-advisory\", \"permissions-required\", \"x_transferred\"]}, {\"url\": \"https://github.com/SiliconLabs/gecko_sdk/releases\", \"tags\": [\"product\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T20:26:57.298Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-4013\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-07T19:26:03.113833Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-07T19:26:10.820Z\"}}], \"cna\": {\"title\": \"Failure to update BT Mesh Replay Protection List\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-679\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-679 Exploitation of Improperly Configured or Implemented Memory Protections\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/SiliconLabs/gecko_sdk/releases\", \"vendor\": \"silabs.com\", \"product\": \"Gecko SDK\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.1.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2024.06.0\"}], \"packageName\": \"GSDK\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://community.silabs.com/068Vm000006rR53\", \"tags\": [\"vendor-advisory\", \"permissions-required\"]}, {\"url\": \"https://github.com/SiliconLabs/gecko_sdk/releases\", \"tags\": [\"product\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection \\nList (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning scheme \\nwas changed from Gecko SDK vX.Y.Z to Simplicity SDK YYYY.MM.Patch#.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection \\nList (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning scheme \\nwas changed from Gecko SDK vX.Y.Z to Simplicity SDK YYYY.MM.Patch#.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-404\", \"description\": \"CWE-404 Improper Resource Shutdown or Release\"}]}], \"providerMetadata\": {\"orgId\": \"030b2754-1501-44a4-bef8-48be86a33bf4\", \"shortName\": \"Silabs\", \"dateUpdated\": \"2024-06-06T21:31:53.472Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-4013\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T20:26:57.298Z\", \"dateReserved\": \"2024-04-19T17:58:42.900Z\", \"assignerOrgId\": \"030b2754-1501-44a4-bef8-48be86a33bf4\", \"datePublished\": \"2024-06-06T21:31:53.472Z\", \"assignerShortName\": \"Silabs\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.