Vulnerabilities > Microchip
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-19 | CVE-2022-46400 | Unspecified vulnerability in Microchip products The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing. low complexity microchip | 5.4 |
| 2022-12-19 | CVE-2022-46401 | Unspecified vulnerability in Microchip products The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete. low complexity microchip | 5.4 |
| 2022-12-19 | CVE-2022-46402 | Improper Validation of Integrity Check Value vulnerability in Microchip products The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values. | 6.5 |
| 2022-12-19 | CVE-2022-46403 | Unspecified vulnerability in Microchip products The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages. | 8.6 |
| 2021-08-05 | CVE-2021-37604 | Always-Incorrect Control Flow Implementation vulnerability in Microchip Miwi 6.5 In version 6.5 of Microchip MiWi software and all previous versions including legacy products, there is a possibility of frame counters being validated/updated prior to the message authentication. | 5.0 |
| 2021-08-05 | CVE-2021-37605 | Always-Incorrect Control Flow Implementation vulnerability in Microchip Miwi 6.5 In version 6.5 Microchip MiWi software and all previous versions including legacy products, the stack is validating only two out of four Message Integrity Check (MIC) bytes. | 5.0 |
| 2021-01-19 | CVE-2020-20950 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. | 4.3 |
| 2020-12-11 | CVE-2020-17441 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in picoTCP 1.7.0. | 6.4 |
| 2020-10-22 | CVE-2019-16128 | Classic Buffer Overflow vulnerability in Microchip Cryptoauthlib Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2). | 4.6 |
| 2020-10-22 | CVE-2019-16129 | Classic Buffer Overflow vulnerability in Microchip Cryptoauthlib Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 2 of 2). | 4.6 |