Vulnerabilities > Microchip
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-19 | CVE-2022-46402 | Improper Validation of Integrity Check Value vulnerability in Microchip products The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values. | 6.5 |
| 2022-12-19 | CVE-2022-46403 | Unspecified vulnerability in Microchip products The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages. | 8.6 |
| 2021-08-05 | CVE-2021-37604 | Always-Incorrect Control Flow Implementation vulnerability in Microchip Miwi 6.5 In version 6.5 of Microchip MiWi software and all previous versions including legacy products, there is a possibility of frame counters being validated/updated prior to the message authentication. | 7.5 |
| 2021-08-05 | CVE-2021-37605 | Always-Incorrect Control Flow Implementation vulnerability in Microchip Miwi 6.5 In version 6.5 Microchip MiWi software and all previous versions including legacy products, the stack is validating only two out of four Message Integrity Check (MIC) bytes. | 7.5 |
| 2021-01-19 | CVE-2020-20950 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. | 5.9 |
| 2020-12-11 | CVE-2020-17441 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in picoTCP 1.7.0. | 9.1 |
| 2020-10-22 | CVE-2019-16128 | Classic Buffer Overflow vulnerability in Microchip Cryptoauthlib Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2). | 6.8 |
| 2020-10-22 | CVE-2019-16129 | Classic Buffer Overflow vulnerability in Microchip Cryptoauthlib Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 2 of 2). | 6.8 |
| 2020-10-22 | CVE-2019-16127 | Integer Overflow or Wraparound vulnerability in Microchip Advanced Software Framework 4 Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow. | 9.1 |
| 2020-09-14 | CVE-2020-12789 | Use of Hard-coded Credentials vulnerability in Microchip products The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets. | 7.5 |