7.5

CVE-2022-46399

Exploit

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero.

Data is provided by the National Vulnerability Database (NVD)
MicrochipBm78 Firmware Version1.43
   MicrochipBm78 Version-
MicrochipBm83 Firmware Version1.43
   MicrochipBm83 Version-
MicrochipRn4870 Firmware Version1.43
   MicrochipRn4870 Version-
MicrochipRn4871 Firmware Version1.43
   MicrochipRn4871 Version-
MicrochipBm70 Firmware Version1.43
   MicrochipBm70 Version-
MicrochipBm71 Firmware Version1.43
   MicrochipBm71 Version-
MicrochipBm64 Firmware Version1.43
   MicrochipBm64 Version-
MicrochipBm77 Firmware Version1.43
   MicrochipBm77 Version-
MicrochipIs1870 Firmware Version1.43
   MicrochipIs1870 Version-
MicrochipIs1871 Firmware Version1.43
   MicrochipIs1871 Version-
MicrochipRn4678 Firmware Version1.43
   MicrochipRn4678 Version-
MicrochipWbz451 Firmware Version1.43
   MicrochipWbz451 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.16% 0.375
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 1.6 5.9
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 1.6 5.9
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.