Design/Logic Flaw

2022-12-1923:15:00

PRIOn knowledge base

www.prio-n.com

microchip

rn4870

module

firmware

pauseencreqplaintext

pairing

security flaw

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.3%

JSON

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete.

CPENameOperatorVersion
bm64_firmwareeq1.43
bm70_firmwareeq1.43
bm71_firmwareeq1.43
bm77_firmwareeq1.43
bm78_firmwareeq1.43
bm83_firmwareeq1.43
pic_lightblue_explorer_demo_firmwareeq4.2.0-dt100112
rn4678_firmwareeq1.43
rn4870_firmwareeq1.43
rn4871_firmwareeq1.43

Name	Operator	Version
bm64_firmware	eq	1.43
bm70_firmware	eq	1.43
bm71_firmware	eq	1.43
bm77_firmware	eq	1.43
bm78_firmware	eq	1.43
bm83_firmware	eq	1.43
pic_lightblue_explorer_demo_firmware	eq	4.2.0-dt100112
rn4678_firmware	eq	1.43
rn4870_firmware	eq	1.43
rn4871_firmware	eq	1.43