📦

rn4870

Vendor: microchip

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 0 Remote Access
Total CVEs 8 Total Indexed
Avg. EPSS 0.12% Exploit Prob.
Latest CVE CVE-2022-45192 Feb 08

Security Vulnerability Index

Page 1 / 1
6.5 CVSS
CVE-2022-45192

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a cleartext encryption pause request.

EPSS: 0.06%
6.5 CVSS
CVE-2022-45191

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a pair confirm message with wrong values.

EPSS: 0.03%
5.3 CVSS
CVE-2022-45190

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can bypass passkey entry in the legacy pairing of the device.

EPSS: 0.09%
8.6 CVSS
CVE-2022-46403

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages.

EPSS: 0.30%
6.5 CVSS
CVE-2022-46402

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values.

EPSS: 0.06%
5.4 CVSS
CVE-2022-46401

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete.

EPSS: 0.12%
5.4 CVSS
CVE-2022-46400

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing.

EPSS: 0.11%
7.5 CVSS
CVE-2022-46399

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero.

EPSS: 0.21%