Vulnerabilities > Nordicsemi

DATE CVE VULNERABILITY TITLE RISK
2023-02-08 CVE-2022-40480 Nordic Semiconductor, Microchip Technology NRF5340-DK DT100112 was discovered to contain an issue which allows attackers to cause a Denial of Service (DoS) via a crafted ConReq packet.
low complexity
microchip nordicsemi
6.5
2022-08-15 CVE-2022-35623 Out-of-bounds Write vulnerability in Nordicsemi Nrf5 SDK for Mesh 5.0
In Nordic nRF5 SDK for Mesh 5.0, a heap overflow vulnerability can be triggered by sending a series of segmented control packets and access packets with the same SeqAuth
low complexity
nordicsemi CWE-787
8.8
2022-08-15 CVE-2022-35624 Out-of-bounds Write vulnerability in Nordicsemi Nrf5 SDK for Mesh 5.0
In Nordic nRF5 SDK for Mesh 5.0, a heap overflow vulnerability can be triggered by sending a series of segmented packets with SegO > SegN
low complexity
nordicsemi CWE-787
8.8
2021-05-21 CVE-2020-27211 Information Exposure Through Discrepancy vulnerability in Nordicsemi Nrf52840 Firmware 20201019
Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels.
high complexity
nordicsemi CWE-203
5.7
2021-05-21 CVE-2021-29415 Information Exposure Through Discrepancy vulnerability in Nordicsemi Nrf52840 Firmware 20201019/20210329
The elliptic curve cryptography (ECC) hardware accelerator, part of the ARM® TrustZone® CryptoCell 310, contained in the NordicSemiconductor nRF52840 through 2021-03-29 has a non-constant time ECDSA implemenation.
local
low complexity
nordicsemi CWE-203
5.5
2020-07-07 CVE-2020-15509 Cleartext Transmission of Sensitive Information vulnerability in Nordicsemi Android BLE Library and DFU Library
Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android (as used by nRF Connect and other applications) can engage in unencrypted communication while showing the user that the communication is purportedly encrypted.
low complexity
nordicsemi CWE-319
6.5