First published: Tue Jul 26 2022(Updated: )
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.
Credit: vulnerabilities@zephyrproject.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zephyrproject Zephyr | <=3.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-1041.
The title of the vulnerability is 'In Zephyr bluetooth mesh core stack an out-of-bound write vulnerability can be triggered during provisioning.'
The severity of the vulnerability is high with a CVSS score of 8.8.
The Zephyr bluetooth mesh core stack version up to 3.0.0 is affected by the vulnerability.
The vulnerability can be triggered during provisioning in the Zephyr bluetooth mesh core stack.