In version 6.5 Microchip MiWi software and all previous versions including legacy products, the stack is validating only two out of four Message Integrity Check (MIC) bytes.
References
Configurations
History
21 Nov 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.50.0.100-readme.pdf - Vendor Advisory | |
References | () https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.51.0.101-readme.pdf - Release Notes, Vendor Advisory | |
References | () https://www.microchip.com/en-us/development-tools-tools-and-software/libraries-code-examples-and-more/advanced-software-framework-for-sam-devices#Downloads - Vendor Advisory | |
References | () https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/miwi-software-vulnerability - Vendor Advisory | |
References | () https://www.microchip.com/en-us/products/wireless-connectivity/sub-ghz/miwi-protocol - Vendor Advisory | |
References | () https://www.microchip.com/product-change-notifications/#/ - Vendor Advisory |
Information
Published : 2021-08-05 16:15
Updated : 2024-11-21 06:15
NVD link : CVE-2021-37605
Mitre link : CVE-2021-37605
CVE.ORG link : CVE-2021-37605
JSON object : View
Products Affected
microchip
- miwi
CWE
CWE-670
Always-Incorrect Control Flow Implementation