Unrated severityNVD Advisory· Published Feb 21, 2024· Updated Sep 27, 2024
Uninitialized TRNG used for ECDSA after EM2/EM3 sleep for VSE devices
CVE-2024-22473
Description
TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure Vault (VSE) devices. This defect may allow Signature Spoofing by Key Recreation.This issue affects Gecko SDK through v4.4.0.
Affected products
2- Range: <=4.4.0
- silabs.com/GSDKv5Range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.