6.5
CVE-2022-46402
- EPSS 0.07%
- Published 19.12.2022 23:15:11
- Last modified 17.04.2025 15:15:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values.
Data is provided by the National Vulnerability Database (NVD)
Microchip ≫ Bm78 Firmware Version1.43
Microchip ≫ Bm83 Firmware Version1.43
Microchip ≫ Rn4870 Firmware Version1.43
Microchip ≫ Rn4871 Firmware Version1.43
Microchip ≫ Bm70 Firmware Version1.43
Microchip ≫ Bm71 Firmware Version1.43
Microchip ≫ Pic Lightblue Explorer Demo Firmware Version4.2_dt100112
Microchip ≫ Is1870 Firmware Version1.43
Microchip ≫ Is1871 Firmware Version1.43
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.229 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-354 Improper Validation of Integrity Check Value
The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.