CVE-2024-12975

CVSS

No CVSS.

buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.

References

Link	Resource
https://community.silabs.com/069Vm00000LWXMeIAP
https://github.com/SiliconLabs/simplicity_sdk/releases

Configurations

No configuration.

History

16 Sep 2025, 16:15

Type	Values Removed	Values Added
CWE	CWE-129 CWE-125	CWE-126

07 Mar 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-07 17:15

Updated : 2025-09-16 16:15

NVD link : CVE-2024-12975

Mitre link : CVE-2024-12975

CVE.ORG link : CVE-2024-12975

JSON object : View

Products Affected

No product.

CWE

CWE-126

Buffer Over-read

{"id": "CVE-2024-12975", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 1.0, "Automatable": "NOT_DEFINED", "attackVector": "PHYSICAL", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-03-07T17:15:18.263", "references": [{"url": "https://community.silabs.com/069Vm00000LWXMeIAP", "source": "[email protected]"}, {"url": "https://github.com/SiliconLabs/simplicity_sdk/releases", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-126"}]}], "descriptions": [{"lang": "en", "value": "A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface."}, {"lang": "es", "value": "Puede ocurrir una sobrelectura de b\u00fafer en la aplicaci\u00f3n CPC cuando opera en SPI d\u00faplex completo al recibir un paquete no v\u00e1lido a trav\u00e9s de la interfaz SPI."}], "lastModified": "2025-09-16T16:15:40.313", "sourceIdentifier": "[email protected]"}

CVE-2024-12975

JSON object

Attach tags to CVE-2024-12975

Attach tags to `CVE-2024-12975`