Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-46400 | 1 Microchip | 18 Bm70, Bm70 Firmware, Bm71 and 15 more | 2024-02-28 | N/A | 5.4 MEDIUM |
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing. | |||||
CVE-2022-46402 | 1 Microchip | 18 Bm70, Bm70 Firmware, Bm71 and 15 more | 2024-02-28 | N/A | 6.5 MEDIUM |
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values. | |||||
CVE-2022-46401 | 1 Microchip | 24 Bm64, Bm64 Firmware, Bm70 and 21 more | 2024-02-28 | N/A | 5.4 MEDIUM |
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete. | |||||
CVE-2022-46403 | 1 Microchip | 18 Bm70, Bm70 Firmware, Bm71 and 15 more | 2024-02-28 | N/A | 8.6 HIGH |
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages. | |||||
CVE-2022-46399 | 1 Microchip | 28 Bm64, Bm64 Firmware, Bm70 and 25 more | 2024-02-28 | N/A | 7.5 HIGH |
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero. |