CVE-2022-45190

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can bypass passkey entry in the legacy pairing of the device.
References
Link Resource
https://blediff.github.io/ Technical Description Third Party Advisory
https://blediff.github.io/ Technical Description Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:microchip:rn4870_firmware:1.43:*:*:*:*:*:*:*
cpe:2.3:h:microchip:rn4870:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:28

Type Values Removed Values Added
References () https://blediff.github.io/ - Technical Description, Third Party Advisory () https://blediff.github.io/ - Technical Description, Third Party Advisory

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE CWE-863 CWE-306

Information

Published : 2023-02-08 00:15

Updated : 2024-11-21 07:28


NVD link : CVE-2022-45190

Mitre link : CVE-2022-45190

CVE.ORG link : CVE-2022-45190


JSON object : View

Products Affected

microchip

  • rn4870
  • rn4870_firmware
CWE
CWE-306

Missing Authentication for Critical Function