CVE-2024-0240

CVSS 3.1 Score 6.5 of 10 (medium)

Attack Complexity low
Availability high
Confidentiality none
Integrity none
Scope unchanged
Privileges Required none

Details

Published Feb 15, 2024
Updated: Feb 16, 2024
CWE ID 400

Summary

CVE-2024-0240 is a memory leak vulnerability affecting the Bluetooth stack of Silicon Labs' EFR32 products. This issue arises when sending notifications to multiple clients, leading to memory exhaustion and subsequent cessation of all Bluetooth operations, including advertising and scanning. Consequently, devices utilizing this stack may become unresponsive, potentially impacting connectivity and data transfer.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share