First published: Thu Aug 05 2021(Updated: )
In version 6.5 Microchip MiWi software and all previous versions including legacy products, the stack is validating only two out of four Message Integrity Check (MIC) bytes.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microchip MiWi | =6.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-37605 is a vulnerability in Microchip MiWi software versions 6.5 and earlier that allows for the validation of only two out of four Message Integrity Check (MIC) bytes.
CVE-2021-37605 has a severity rating of 7.5, which is considered high.
CVE-2021-37605 affects Microchip MiWi software versions 6.5 and all previous versions, including legacy products.
To fix CVE-2021-37605, update your Microchip MiWi software to version 6.5 or later.
You can find more information about CVE-2021-37605 in the following references: [Reference 1](https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.50.0.100-readme.pdf), [Reference 2](https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.51.0.101-readme.pdf), [Reference 3](https://www.microchip.com/en-us/development-tools-tools-and-software/libraries-code-examples-and-more/advanced-software-framework-for-sam-devices#Downloads).