5 matches found
CVE-2022-46399
The CVE-2022-46399 issue affects Microchip RN4870 module firmware version 1.43 and the Microchip PIC LightBlue Explorer Demo version 4.2 DT100112, described as an unresponsive state caused by ConReqTimeoutZero. The vulnerability is documented with a CVSS v3.1 base score of 7.5 (HIGH) and an adjac...
CVE-2022-46401
The CVE-2022-46401 affects Microchip RN4870 module firmware v1.43 and the Microchip PIC LightBlue Explorer Demo v4.2 DT100112, where PauseEncReqPlainText is accepted before pairing is complete. This can place the low-power Bluetooth stack in a faulty state, discarding other messages and causing s...
CVE-2022-46400
CVE-2022-46400 affects Microchip RN4870 module firmware 1.43 and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112, enabling an attacker to bypass passkey entry in legacy Bluetooth pairing. The publicly documented impact is a bypass of authentication during legacy pairing, with CVSSv3.1 metr...
CVE-2022-46403
The CVE-2022-46403 entry concerns the Microchip RN4870 module firmware v1.43 and the Microchip PIC LightBlue Explorer Demo v4.2 DT100112, which mishandle reject messages. Connected sources confirm affected products/versions but do not provide root-cause details, exploit information, or a vendor-s...
CVE-2022-46402
The CVE-2022-46402 entry concerns Microchip RN4870 module firmware v1.43 and the PIC LightBlue Explorer Demo 4.2 DT100112, where PairCon_rmSend accepts incorrect values due to improper validation. Documented impact per CVSS indicates availability impact is HIGH while other CIA aspects are NONE. T...