First published: Mon Dec 19 2022(Updated: )
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microchip Bm78 Firmware | =1.43 | |
Microchip Bm78 | ||
Microchip Bm83 Firmware | =1.43 | |
Microchip Bm83 | ||
Microchip Rn4870 Firmware | =1.43 | |
Microchip RN4870 | ||
Microchip Rn4871 Firmware | =1.43 | |
Microchip Rn4871 | ||
Microchip Bm70 Firmware | =1.43 | |
Microchip Bm70 | ||
Microchip Bm71 Firmware | =1.43 | |
Microchip Bm71 | ||
Microchip Pic Lightblue Explorer Demo Firmware | =4.2_dt100112 | |
Microchip PIC LightBlue Explorer Demo | ||
Microchip Pic32cx1012bz25048 Firmware | ||
Microchip Pic32cx1012bz25048 | ||
Microchip Wbz451 Firmware | ||
Microchip Wbz451 | ||
Microchip Rn4678 Firmware | =1.43 | |
Microchip Rn4678 | ||
Microchip Bm77 Firmware | =1.43 | |
Microchip Bm77 | ||
Microchip Bm64 Firmware | =1.43 | |
Microchip Bm64 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-46401 is a vulnerability in the Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) that allows the acceptance of PauseEncReqPlainText before pairing is complete.
CVE-2022-46401 has a severity level of medium, with a CVSS score of 5.4.
The Microchip RN4870 module firmware version 1.43 is affected by CVE-2022-46401.
Currently, there is no official fix for CVE-2022-46401. It is recommended to follow the security guidelines provided by Microchip and stay updated with any patches or firmware updates they release.
You can find more information about CVE-2022-46401 on the microchip.com website and in the proceedings articles published by Computer.org.