Vulnerabilities > CVE-2022-35623 - Out-of-bounds Write vulnerability in Nordicsemi Nrf5 SDK for Mesh 5.0

047910
CVSS 8.8 - HIGH
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
low complexity
nordicsemi
CWE-787

Summary

In Nordic nRF5 SDK for Mesh 5.0, a heap overflow vulnerability can be triggered by sending a series of segmented control packets and access packets with the same SeqAuth

Vulnerable Configurations

Part Description Count
Application
Nordicsemi
1

Common Weakness Enumeration (CWE)