
CVE-2024-24731

Severity: High

Published: 31 January 2025
Modified: 30 September 2025
KEV Added: none (not in the CISA KEV catalog)
CVSS v3.1 Score: 7.5 (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0014 (33.4th percentile)
Risk Priority: 15 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-24731 is a high-severity classic buffer overflow (CWE-120, Buffer Copy without Checking Size of Input) in Silicon Labs Gecko OS. Its CVSS v3.1 base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Note that the CVSS vector specifies adjacent-network access (AV:A), so the exposed http_download command is reachable from the device's local network segment rather than necessarily from the Internet. EPSS ranks the vulnerability at the 33.4th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-24731 is a stack-based buffer overflow in the http_download command of Silicon Labs Gecko OS. The defect is that the length of user-supplied data is not validated before the data is copied into a fixed-size stack buffer, which is the pattern classified as CWE-120 (Buffer Copy without Checking Size of Input). Because the command is reachable without authentication, a network-adjacent attacker can overwrite the stack and execute arbitrary code in the context of the device.

Network-adjacent attackers can exploit this vulnerability without privileges (PR:N) or user interaction (UI:N), though it requires high attack complexity (AC:H) and adjacent network access (AV:A). Successful exploitation allows arbitrary code execution on the affected device, resulting in high impacts to confidentiality, integrity, and availability, as reflected in the CVSS v3.1 base score of 7.5 (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

Advisories from Silicon Labs (https://community.silabs.com/a45Vm0000000Atp) and the Zero Day Initiative (ZDI-24-870 at https://www.zerodayinitiative.com/advisories/ZDI-24-870/) provide further details on the vulnerability, including recommended mitigations and patches where available.


Vulnerability details

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the http_download command. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device.

CWE(s): CWE-120 (Buffer Copy without Checking Size of Input)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1210 Exploitation of Remote Services (Lateral Movement): Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.

Why these techniques?

The stack buffer overflow sits in the network-accessible http_download command, so a single malformed request yields unauthenticated remote code execution on the device (initial access when the device is the entry point, lateral movement when it is reached from an already-compromised segment).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

- CVE-2024-23973 (same product: Silicon Labs Gecko OS)
- CVE-2024-50697 (shared CWE-120)
- CVE-2024-48416 (shared CWE-120)
- CVE-2026-42859 (shared CWE-120)
- CVE-2025-25343 (shared CWE-120)
- CVE-2020-37068 (shared CWE-120)
- CVE-2021-47854 (shared CWE-120)
- CVE-2024-39803 (shared CWE-120)
- CVE-2024-37184 (shared CWE-120)
- CVE-2025-66647 (shared CWE-120)

Affected Assets

- Vendor: silabs
- Product: gecko os
- Versions: all versions

Mitigating Controls (NIST 800-53 r5) (AI)

- prevent: SI-10 (Information Input Validation). Directly requires validation of the length of user-supplied data prior to copying into stack-based buffers, addressing the core buffer overflow flaw in the http_download command.
- prevent: SI-2 (Flaw Remediation). Mandates identification, reporting, and correction of the specific stack-based buffer overflow vulnerability through patching as provided by Silicon Labs advisories.
- prevent: memory protection. Provides memory protections such as stack canaries and address space layout randomization to limit arbitrary code execution even if the buffer overflow occurs.
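The following is an added illustration of the CWE-120 pattern the advisory describes and of the SI-10 input-validation control that closes it. It is not Gecko OS code and does not use the Gecko OS command encoding: the one-byte-length-prefixed field format, the PATH_CAP buffer size and the function names are assumptions constructed for the example. The unsafe variant is shown only in the comment; the function body is the hardened form, which checks the declared length against both the bytes actually received and the destination capacity before any copy, and rejects rather than truncates oversized input.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Fixed-size stack buffer of the kind a firmware command handler might use.
 * The size is an assumption for this example. */
#define PATH_CAP 64

enum parse_status { PARSE_OK = 0, PARSE_SHORT = -1, PARSE_TOO_LONG = -2 };

/*
 * Hardened handler for a length-prefixed field in a constructed, hypothetical
 * command encoding: [len: 1 byte][payload: len bytes].
 *
 * The unsafe pattern the advisory describes looks like this:
 *
 *     char path[PATH_CAP];
 *     memcpy(path, in + 1, in[0]);   // declared length never compared to sizeof(path)
 *
 * The version below performs SI-10 style input validation before copying.
 */
int handle_path_field(const uint8_t *in, size_t in_len, char *out, size_t out_cap)
{
    if (in == NULL || out == NULL || out_cap == 0 || in_len < 1)
        return PARSE_SHORT;

    size_t declared = in[0];

    /* The declared length must be backed by bytes that were actually received;
     * otherwise memcpy would read past the end of the input. */
    if (declared > in_len - 1)
        return PARSE_SHORT;

    /* Leave room for the NUL terminator. Reject rather than silently truncate:
     * a truncated path could change what the command does. */
    if (declared >= out_cap)
        return PARSE_TOO_LONG;

    memcpy(out, in + 1, declared);
    out[declared] = '\0';
    return PARSE_OK;
}

/* Wrapper that uses the fixed stack buffer, as the real command handler would.
 * Returns the parse status and, on success, the length of the copied field. */
int process_command(const uint8_t *in, size_t in_len, size_t *copied_len)
{
    char path[PATH_CAP];
    int rc = handle_path_field(in, in_len, path, sizeof path);
    if (rc == PARSE_OK && copied_len != NULL)
        *copied_len = strlen(path);
    return rc;
}

int main(void)
{
    /* Constructed sample inputs, not captured traffic. */
    uint8_t ok_msg[] = { 7, '/', 'f', 'w', '.', 'b', 'i', 'n' };
    uint8_t short_msg[] = { 200, 'A', 'B' };          /* claims 200 bytes, sends 2 */
    uint8_t big_msg[1 + 100];                          /* 100 bytes: fits input, not buffer */
    size_t n = 0;

    big_msg[0] = 100;
    memset(big_msg + 1, 'A', 100);

    printf("well-formed: rc=%d copied=%zu\n", process_command(ok_msg, sizeof ok_msg, &n), n);
    printf("length exceeds received bytes: rc=%d\n", process_command(short_msg, sizeof short_msg, NULL));
    printf("length exceeds buffer: rc=%d\n", process_command(big_msg, sizeof big_msg, NULL));
    return 0;
}
```

Two checks are needed, not one: comparing the declared length only against the buffer would still let a short packet with a large length byte cause an over-read of the input, and comparing only against the received bytes would still overflow the stack buffer. Returning distinct status codes also gives the device a reason to log the rejected request, which is the observable a defender can alert on.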
