Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Rn4870_firmware
(Microchip)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 8 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-12-19 | CVE-2022-46399 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero. | Bm64_firmware, Bm70_firmware, Bm71_firmware, Bm77_firmware, Bm78_firmware, Bm83_firmware, Is1870_firmware, Is1871_firmware, Pic32cx1012bz25048_firmware, Pic_lightblue_explorer_demo_firmware, Rn4678_firmware, Rn4870_firmware, Rn4871_firmware, Wbz451_firmware | 7.5 | ||
| 2022-12-19 | CVE-2022-46400 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing. | Bm70_firmware, Bm71_firmware, Bm78_firmware, Bm83_firmware, Is1870_firmware, Is1871_firmware, Pic_lightblue_explorer_demo_firmware, Rn4870_firmware, Rn4871_firmware | 5.4 | ||
| 2023-02-08 | CVE-2022-45190 | An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can bypass passkey entry in the legacy pairing of the device. | Rn4870_firmware | 5.3 | ||
| 2023-02-08 | CVE-2022-45192 | An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a cleartext encryption pause request. | Rn4870_firmware | 6.5 | ||
| 2023-02-08 | CVE-2022-45191 | An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a pair confirm message with wrong values. | Rn4870_firmware | 6.5 | ||
| 2022-12-19 | CVE-2022-46401 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete. | Bm64_firmware, Bm70_firmware, Bm71_firmware, Bm77_firmware, Bm78_firmware, Bm83_firmware, Pic32cx1012bz25048_firmware, Pic_lightblue_explorer_demo_firmware, Rn4678_firmware, Rn4870_firmware, Rn4871_firmware, Wbz451_firmware | 5.4 | ||
| 2022-12-19 | CVE-2022-46402 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values. | Bm70_firmware, Bm71_firmware, Bm78_firmware, Bm83_firmware, Is1870_firmware, Is1871_firmware, Pic_lightblue_explorer_demo_firmware, Rn4870_firmware, Rn4871_firmware | 6.5 | ||
| 2022-12-19 | CVE-2022-46403 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages. | Bm70_firmware, Bm71_firmware, Bm78_firmware, Bm83_firmware, Is1870_firmware, Is1871_firmware, Pic_lightblue_explorer_demo_firmware, Rn4870_firmware, Rn4871_firmware | 8.6 |