CVE-2024-22473

Description

TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure Vault (VSE) devices. This defect may allow Signature Spoofing by Key Recreation.This issue affects Gecko SDK through v4.4.0.

References

https://community.silabs.com/068Vm000001FrjT

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS