1. Home
  2. CVE Database
  3. CVE-2022-46400
MEDIUM · 5.4

CVE-2022-46400

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing.

Vulnerability Description

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing.

CVSS Score

5.4

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
MicrochipBm78 Firmware1.43
MicrochipBm78-
MicrochipBm83 Firmware1.43
MicrochipBm83-
MicrochipRn4870 Firmware1.43
MicrochipRn4870-
MicrochipRn4871 Firmware1.43
MicrochipRn4871-
MicrochipBm70 Firmware1.43
MicrochipBm70-
MicrochipBm71 Firmware1.43
MicrochipBm71-
MicrochipPic Lightblue Explorer Demo Firmware4.2_dt100112
MicrochipPic Lightblue Explorer Demo-
MicrochipIs1870 Firmware1.43
MicrochipIs1870-
MicrochipIs1871 Firmware1.43
MicrochipIs1871-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2022-46400?

CVE-2022-46400 is a vulnerability with a CVSS score of 5.4 (MEDIUM). The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing.

How severe is CVE-2022-46400?

CVE-2022-46400 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-46400?

Check the references section above for vendor advisories and patch information. Affected products include: Microchip Bm78 Firmware, Microchip Bm78, Microchip Bm83 Firmware, Microchip Bm83, Microchip Rn4870 Firmware.