Skip to main content

Bm71 Firmware

5 CVEs product

Monthly

CVE-2022-46403 HIGH POC This Week

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bm78 Firmware Bm83 Firmware Rn4870 Firmware Rn4871 Firmware +5
NVD
CVSS 3.1
8.6
EPSS
0.8%
CVE-2022-46402 MEDIUM POC This Month

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bm78 Firmware Bm83 Firmware Rn4870 Firmware Rn4871 Firmware +5
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-46401 MEDIUM POC This Month

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bm78 Firmware Bm83 Firmware Rn4870 Firmware Rn4871 Firmware +8
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-46400 MEDIUM POC This Month

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Bm78 Firmware Bm83 Firmware Rn4870 Firmware Rn4871 Firmware +5
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-46399 HIGH POC This Week

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Bm78 Firmware Bm83 Firmware Rn4870 Firmware Rn4871 Firmware +10
NVD
CVSS 3.1
7.5
EPSS
0.7%
EPSS 1% CVSS 8.6
HIGH POC This Week

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bm78 Firmware Bm83 Firmware +7
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bm78 Firmware Bm83 Firmware +7
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bm78 Firmware Bm83 Firmware +10
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Bm78 Firmware Bm83 Firmware +7
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Bm78 Firmware Bm83 Firmware +12
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy