Vulnerabilities (CVE)

Filtered by vendor Microchip Subscribe
Filtered by product Rn4870 Firmware
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-46403 1 Microchip 18 Bm70, Bm70 Firmware, Bm71 and 15 more 2024-11-21 N/A 8.6 HIGH
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages.
CVE-2022-46402 1 Microchip 18 Bm70, Bm70 Firmware, Bm71 and 15 more 2024-11-21 N/A 6.5 MEDIUM
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values.
CVE-2022-46401 1 Microchip 24 Bm64, Bm64 Firmware, Bm70 and 21 more 2024-11-21 N/A 5.4 MEDIUM
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete.
CVE-2022-46400 1 Microchip 18 Bm70, Bm70 Firmware, Bm71 and 15 more 2024-11-21 N/A 5.4 MEDIUM
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing.
CVE-2022-46399 1 Microchip 28 Bm64, Bm64 Firmware, Bm70 and 25 more 2024-11-21 N/A 7.5 HIGH
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero.
CVE-2022-45192 1 Microchip 2 Rn4870, Rn4870 Firmware 2024-11-21 N/A 6.5 MEDIUM
An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a cleartext encryption pause request.
CVE-2022-45191 1 Microchip 2 Rn4870, Rn4870 Firmware 2024-11-21 N/A 6.5 MEDIUM
An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a pair confirm message with wrong values.
CVE-2022-45190 1 Microchip 2 Rn4870, Rn4870 Firmware 2024-11-21 N/A 5.3 MEDIUM
An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can bypass passkey entry in the legacy pairing of the device.