First published: Mon Dec 19 2022(Updated: )
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microchip Bm78 Firmware | =1.43 | |
Microchip Bm78 | ||
Microchip Bm83 Firmware | =1.43 | |
Microchip Bm83 | ||
Microchip Rn4870 Firmware | =1.43 | |
Microchip RN4870 | ||
Microchip Rn4871 Firmware | =1.43 | |
Microchip Rn4871 | ||
Microchip Bm70 Firmware | =1.43 | |
Microchip Bm70 | ||
Microchip Bm71 Firmware | =1.43 | |
Microchip Bm71 | ||
Microchip Pic Lightblue Explorer Demo Firmware | =4.2_dt100112 | |
Microchip PIC LightBlue Explorer Demo | ||
Microchip Is1870 Firmware | =1.43 | |
Microchip Is1870 | ||
Microchip Is1871 Firmware | =1.43 | |
Microchip Is1871 | ||
All of | ||
Microchip Bm78 Firmware | =1.43 | |
Microchip Bm78 | ||
All of | ||
Microchip Bm83 Firmware | =1.43 | |
Microchip Bm83 | ||
All of | ||
Microchip Rn4870 Firmware | =1.43 | |
Microchip RN4870 | ||
All of | ||
Microchip Rn4871 Firmware | =1.43 | |
Microchip Rn4871 | ||
All of | ||
Microchip Bm70 Firmware | =1.43 | |
Microchip Bm70 | ||
All of | ||
Microchip Bm71 Firmware | =1.43 | |
Microchip Bm71 | ||
All of | ||
Microchip Pic Lightblue Explorer Demo Firmware | =4.2_dt100112 | |
Microchip PIC LightBlue Explorer Demo | ||
All of | ||
Microchip Is1870 Firmware | =1.43 | |
Microchip Is1870 | ||
All of | ||
Microchip Is1871 Firmware | =1.43 | |
Microchip Is1871 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-46402 is medium, with a severity value of 6.5.
The Microchip RN4870 module firmware version 1.43 and the Microchip PIC LightBlue Explorer Demo firmware version 4.2 DT100112 are affected by CVE-2022-46402.
To fix CVE-2022-46402, update the Microchip RN4870 module firmware to a version that addresses the vulnerability.
The Common Weakness Enumeration (CWE) ID for CVE-2022-46402 is CWE-354.
You can find more information about CVE-2022-46402 on the Microchip website and the proceedings article provided in the references.