Denial of Service Vulnerability in Nordic Semiconductor's NRF5340-DK Development Kit
CVE-2022-40480

6.5MEDIUM

Key Information:

Vendor: Microchip
Status: Dt100112 Firmware
Vendor: CVE Published:; 8 February 2023

What is CVE-2022-40480?

The Nordic Semiconductor NRF5340-DK Development Kit, specifically version DT100112, has been identified to have a vulnerability that can be exploited to induce a Denial of Service (DoS). This issue arises when attackers send a specially crafted ConReq packet, which disrupts the normal operation of the device and may result in service interruptions. It is crucial for users of this development kit to remain vigilant and apply necessary security measures to mitigate the risks associated with this vulnerability.

References

https://blediff.github.io/

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 8, 2023
Vulnerability Reserved
Sep 11, 2022

Microchip

What is CVE-2022-40480?

References

CVSS V3.1

Timeline