Denial of Service Vulnerability in Microchip RN4870 Devices
CVE-2022-45191

6.5MEDIUM

Key Information:

Vendor: Microchip
Status: Rn4870 Firmware
Vendor: CVE Published:; 8 February 2023

What is CVE-2022-45191?

A vulnerability in Microchip RN4870 1.43 devices allows an attacker within Bluetooth Low Energy (BLE) range to induce a denial of service condition. This is executed by sending an improperly formatted pair confirm message, which can disrupt the device's normal operation. Organizations using these affected devices should consider implementing measures to mitigate potential exploitation and safeguard their systems.

References

https://www.microchip.com/en-us/support/product-change-no...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 8, 2023
Vulnerability Reserved
Nov 11, 2022