Firmware Vulnerability in Microchip RN4870 Module and LightBlue Explorer Demo
CVE-2022-46401

5.4MEDIUM

Key Information:

Vendor: Microchip
Status: Bm78 Firmware
Vendor: CVE Published:; 19 December 2022

What is CVE-2022-46401?

The Microchip RN4870 module firmware version 1.43 and the LightBlue Explorer Demo 4.2 DT100112 exhibit a vulnerability where the device can accept a PauseEncReqPlainText message prior to the completion of the pairing process. This situation may expose the module to potential security risks as it can lead to unintended interactions and may allow attackers to inject malicious commands during the initialization phase of the Bluetooth connection.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.computer.org/csdl/proceedings/sp/2023/1He7WWu...

https://www.computer.org/csdl/proceedings-article/sp/2023...

https://microchip.com

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 19, 2022
Vulnerability Reserved
Dec 4, 2022

JSON

Microchip

What is CVE-2022-46401?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.