Wi-Fi Authentication Flooding Vulnerability in MediaTek Microchips Used in NETGEAR Devices
CVE-2021-41788

6.5MEDIUM

Key Information:

Vendor: Mediatek
Status: Mt7603e Firmware
Vendor: CVE Published:; 26 December 2021

What is CVE-2021-41788?

MediaTek microchips, utilized in various NETGEAR devices, exhibit a vulnerability that arises from mishandling Wi-Fi authentication flooding attempts. This can potentially disrupt the normal operation of affected devices, leading to unauthorized network access and service interruptions. The impacted chipset models include MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, and MT7915, with software versions affected up to 7.4.0.0. This vulnerability necessitates immediate attention from users to implement protective measures and updates as recommended by the vendor.

References

https://kb.netgear.com/000064369/Security-Advisory-for-Wi...

x_refsource_MISC

https://corp.mediatek.com/product-security-bulletin/Janua...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 26, 2021
Vulnerability Reserved
Sep 29, 2021

Mediatek

What is CVE-2021-41788?

References

CVSS V3.1

Timeline