Search criteria
28 vulnerabilities by microchip
CVE-2025-47902 (GCVE-0-2025-47902)
Vulnerability from cvelistv5 – Published: 2025-10-20 17:52 – Updated: 2025-10-21 15:38
VLAI?
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip Time Provider 4100 allows SQL Injection.This issue affects Time Provider 4100: before 2.5.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | Time Provider 4100 |
Affected:
0 , < 2.5
(semver)
|
Credits
Dario Emilio Bertani
Raffaele Bova
Andrea Sindoni
Simone Bossi
Antonio Carriero
Marco Manieri
Vito Pistillo
Davide Renna
Manuel Leone
Massimiliano Brolli
TIM Security Red Team Research (TIM S.p.A)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T15:37:47.373652Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T15:38:03.210Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Time Provider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A user authenticated on the web interface on the separate management port."
}
],
"value": "A user authenticated on the web interface on the separate management port."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dario Emilio Bertani"
},
{
"lang": "en",
"type": "finder",
"value": "Raffaele Bova"
},
{
"lang": "en",
"type": "finder",
"value": "Andrea Sindoni"
},
{
"lang": "en",
"type": "finder",
"value": "Simone Bossi"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Manieri"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research (TIM S.p.A)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Microchip Time Provider 4100 allows SQL Injection.\u003cp\u003eThis issue affects Time Provider 4100: before 2.5.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Microchip Time Provider 4100 allows SQL Injection.This issue affects Time Provider 4100: before 2.5."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T17:52:52.844Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-remote-sql-command-injection-47902"
}
],
"source": {
"advisory": "PSIRT-103",
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2025-04-15T07:00:00.000Z",
"value": "Reported"
}
],
"title": "SQL Injection in web resource",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Do not expose the web interface on the separate management port to an \nuntrusted network. For added security, users have the option to disable \nthe web interface, further protecting the device from potential \nweb-based exploitations."
}
],
"value": "Do not expose the web interface on the separate management port to an \nuntrusted network. For added security, users have the option to disable \nthe web interface, further protecting the device from potential \nweb-based exploitations."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2025-47902",
"datePublished": "2025-10-20T17:52:52.844Z",
"dateReserved": "2025-05-13T19:24:53.452Z",
"dateUpdated": "2025-10-21T15:38:03.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47901 (GCVE-0-2025-47901)
Vulnerability from cvelistv5 – Published: 2025-10-20 17:48 – Updated: 2025-10-21 15:38
VLAI?
Summary
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | Time Provider 4100 |
Affected:
0 , < 2.5
(semver)
|
Credits
Dario Emilio Bertani
Raffaele Bova
Andrea Sindoni
Simone Bossi
Antonio Carriero
Marco Manieri
Vito Pistillo
Davide Renna
Manuel Leone
Massimiliano Brolli
TIM Security Red Team Research (TIM S.p.A)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T15:38:53.264980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T15:38:55.864Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Time Provider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authenticated user with access to the web interface on a separate management port"
}
],
"value": "An authenticated user with access to the web interface on a separate management port"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dario Emilio Bertani"
},
{
"lang": "en",
"type": "finder",
"value": "Raffaele Bova"
},
{
"lang": "en",
"type": "finder",
"value": "Andrea Sindoni"
},
{
"lang": "en",
"type": "finder",
"value": "Simone Bossi"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Manieri"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research (TIM S.p.A)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability in Microchip Time Provider 4100 allows OS Command Injection.\u003cp\u003eThis issue affects Time Provider 4100: before 2.5.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T17:48:20.775Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-remote-command-execution-47901"
}
],
"source": {
"advisory": "PSIRT-102",
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2025-04-15T07:00:00.000Z",
"value": "Reported"
}
],
"title": "RCE on restore configuration password",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Do not expose the web interface on the separate management port to an \nuntrusted network. For added security, users have the option to disable \nthe web interface, further protecting the device from potential \nweb-based exploitations."
}
],
"value": "Do not expose the web interface on the separate management port to an \nuntrusted network. For added security, users have the option to disable \nthe web interface, further protecting the device from potential \nweb-based exploitations."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2025-47901",
"datePublished": "2025-10-20T17:48:20.775Z",
"dateReserved": "2025-05-13T19:24:53.452Z",
"dateUpdated": "2025-10-21T15:38:55.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47900 (GCVE-0-2025-47900)
Vulnerability from cvelistv5 – Published: 2025-10-20 17:43 – Updated: 2025-10-20 18:02
VLAI?
Summary
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | Time Provider 4100 |
Affected:
0 , < 2.5
(semver)
|
Credits
Dario Emilio Bertani
Raffaele Bova
Andrea Sindoni
Simone Bossi
Antonio Carriero
Marco Manieri
Vito Pistillo
Davide Renna
Manuel Leone
Massimiliano Brolli
TIM Security Red Team Research (TIM S.p.A)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47900",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-20T18:01:10.599374Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T18:02:36.954Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Time Provider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authenticated user with access to the web interface on a separate management port."
}
],
"value": "An authenticated user with access to the web interface on a separate management port."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dario Emilio Bertani"
},
{
"lang": "en",
"type": "finder",
"value": "Raffaele Bova"
},
{
"lang": "en",
"type": "finder",
"value": "Andrea Sindoni"
},
{
"lang": "en",
"type": "finder",
"value": "Simone Bossi"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Manieri"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research (TIM S.p.A)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability in Microchip Time Provider 4100 allows OS Command Injection.\u003cp\u003eThis issue affects Time Provider 4100: before 2.5.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T17:43:33.890Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-remote-command-execution"
}
],
"source": {
"advisory": "PSIRT-101",
"discovery": "UNKNOWN"
},
"title": "RCE on backup configuration password",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Do not expose the web interface on the separate management port to an \nuntrusted network. For added security, users have the option to disable \nthe web interface, further protecting the device from potential \nweb-based exploitations."
}
],
"value": "Do not expose the web interface on the separate management port to an \nuntrusted network. For added security, users have the option to disable \nthe web interface, further protecting the device from potential \nweb-based exploitations."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2025-47900",
"datePublished": "2025-10-20T17:43:33.890Z",
"dateReserved": "2025-05-13T19:24:53.452Z",
"dateUpdated": "2025-10-20T18:02:36.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29155 (GCVE-0-2024-29155)
Vulnerability from cvelistv5 – Published: 2024-10-16 15:51 – Updated: 2025-09-02 14:11
VLAI?
Summary
On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is
received, the device becomes incapable of completing the pairing
process. A third party can inject a second PairReqNoInputNoOutput request
just after a real one, causing the pair request to be blocked.
Severity ?
4.3 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Credits
Wu, Tianwei
Hussain Syed Rafiul
Ishtiaq, Abdullah Al
RASHID, SYED MD MUKIT
The Pennsylvania State University
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29155",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-16T17:13:24.313288Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T14:11:05.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RN4870",
"vendor": "Microchip",
"versions": [
{
"lessThan": "1.44",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Wu, Tianwei"
},
{
"lang": "en",
"type": "finder",
"value": "Hussain Syed Rafiul"
},
{
"lang": "en",
"type": "finder",
"value": "Ishtiaq, Abdullah Al"
},
{
"lang": "en",
"type": "finder",
"value": "RASHID, SYED MD MUKIT"
},
{
"lang": "en",
"type": "reporter",
"value": "The Pennsylvania State University"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is \nreceived, the device becomes incapable of completing the pairing \nprocess. A third party can inject a second PairReqNoInputNoOutput request \njust after a real one, causing the pair request to be blocked."
}
],
"value": "On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is \nreceived, the device becomes incapable of completing the pairing \nprocess. A third party can inject a second PairReqNoInputNoOutput request \njust after a real one, causing the pair request to be blocked."
}
],
"impacts": [
{
"capecId": "CAPEC-125",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-125 Flooding"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-239",
"description": "CWE-239",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:19:19.590Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.microchip.com/en-us/product/rn4870"
},
{
"tags": [
"release-notes",
"product",
"technical-description"
],
"url": "https://ww1.microchip.com/downloads/aemDocuments/documents/WSG/ProductDocuments/SoftwareLibraries/Firmware/RN4870-71-Firmware-1.44.zip"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to firmware version 1.44 or higher.\u003cbr\u003e"
}
],
"value": "Update to firmware version 1.44 or higher."
}
],
"source": {
"advisory": "PSIRT-37",
"discovery": "UNKNOWN"
},
"title": "Denial of service on Microchip RN4870 devices",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-29155",
"datePublished": "2024-10-16T15:51:11.819Z",
"dateReserved": "2024-03-18T06:11:27.983Z",
"dateUpdated": "2025-09-02T14:11:05.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43683 (GCVE-0-2024-43683)
Vulnerability from cvelistv5 – Published: 2024-10-04 19:56 – Updated: 2024-11-01 15:59
VLAI?
Summary
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0.
Severity ?
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | TimeProvider 4100 |
Affected:
1.0 , < 2.4.7
(firmware)
|
Credits
Armando Huesca Prida
Marco Negro
Antonio Carriero
Vito Pistillo
Davide Renna
Manuel Leone
Massimiliano Brolli
TIM Security Red Team Research
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:microchip:timeprovider_4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "timeprovider_4100_firmware",
"vendor": "microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43683",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T21:24:56.897223Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T22:15:29.701Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "TimeProvider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "1.0",
"versionType": "firmware"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Armando Huesca Prida"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Negro"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.\u003cp\u003eThis issue affects TimeProvider 4100: from 1.0.\u003c/p\u003e"
}
],
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0."
}
],
"impacts": [
{
"capecId": "CAPEC-86",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-86 XSS Through HTTP Headers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:H/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T15:59:19.229Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-improper-verification-of-host-header"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
],
"source": {
"advisory": "PSIRT-88",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-27T11:03:00.000Z",
"value": "Reported"
}
],
"title": "Improper verification of the Host header in TimeProvider 4100",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations.\u003cbr\u003e"
}
],
"value": "It is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-43683",
"datePublished": "2024-10-04T19:56:15.872Z",
"dateReserved": "2024-08-14T15:39:44.265Z",
"dateUpdated": "2024-11-01T15:59:19.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43684 (GCVE-0-2024-43684)
Vulnerability from cvelistv5 – Published: 2024-10-04 19:51 – Updated: 2025-08-29 20:11
VLAI?
Summary
Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0.
Severity ?
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | TimeProvider 4100 |
Affected:
1.0 , ≤ 2.4.7
(firmware)
|
Credits
Armando Huesca Prida
Marco Negro
Antonio Carriero
Vito Pistillo
Davide Renna
Manuel Leone
Massimiliano Brolli
TIM Security Red Team Research
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:microchip:timeprovider_4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "timeprovider_4100_firmware",
"vendor": "microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43684",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T21:24:57.843121Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T22:15:36.419Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "TimeProvider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThanOrEqual": "2.4.7",
"status": "affected",
"version": "1.0",
"versionType": "firmware"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Armando Huesca Prida"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Negro"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects TimeProvider 4100: from 1.0.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
},
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:H/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:11:56.019Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.gruppotim.it/it/footer/red-team.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-cross-site-request-forgery"
}
],
"source": {
"advisory": "PSIRT-87",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-27T11:03:00.000Z",
"value": "Reported"
}
],
"title": "Cross-Site Request Forgery vulnerability in TimeProvider 4100",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations.\u003cbr\u003e"
}
],
"value": "It is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-43684",
"datePublished": "2024-10-04T19:51:51.926Z",
"dateReserved": "2024-08-14T15:39:44.265Z",
"dateUpdated": "2025-08-29T20:11:56.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43685 (GCVE-0-2024-43685)
Vulnerability from cvelistv5 – Published: 2024-10-04 19:48 – Updated: 2025-08-29 20:21
VLAI?
Summary
Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
Severity ?
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | TimeProvider 4100 |
Affected:
1.0 , < 2.4.7
(firmware)
|
Credits
Armando Huesca Prida
Marco Negro
Antonio Carriero
Vito Pistillo
Davide Renna
Manuel Leone
Massimiliano Brolli
TIM Security Red Team Research
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:microchip:timeprovider_4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "timeprovider_4100_firmware",
"vendor": "microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43685",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T21:24:58.808883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T22:15:46.343Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"login"
],
"product": "TimeProvider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "1.0",
"versionType": "firmware"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Armando Huesca Prida"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Negro"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.\u003cp\u003eThis issue affects TimeProvider 4100: from 1.0 before 2.4.7.\u003c/p\u003e"
}
],
"value": "Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:H/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:21:47.659Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-session-token-fixation"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
],
"source": {
"advisory": "PSIRT-86",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-27T11:03:00.000Z",
"value": "Reported"
}
],
"title": "Session token fixation in TimeProvider 4100",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations.\n\n\u003cbr\u003e"
}
],
"value": "It is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-43685",
"datePublished": "2024-10-04T19:48:53.595Z",
"dateReserved": "2024-08-14T15:39:44.265Z",
"dateUpdated": "2025-08-29T20:21:47.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43686 (GCVE-0-2024-43686)
Vulnerability from cvelistv5 – Published: 2024-10-04 19:47 – Updated: 2024-10-07 20:42
VLAI?
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (data plot modules) allows Reflected XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | TimeProvider 4100 |
Affected:
1.0 , < 2.4.7
(firmware)
|
Credits
Armando Huesca Prida
Marco Negro
Antonio Carriero
Vito Pistillo
Davide Renna
Manuel Leone
Massimiliano Brolli
TIM Security Red Team Research
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43686",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T21:21:44.757309Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T22:15:53.397Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"data plot"
],
"product": "TimeProvider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "1.0",
"versionType": "firmware"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Armando Huesca Prida"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Negro"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Microchip TimeProvider 4100 (data plot modules) allows Reflected XSS.\u003cp\u003eThis issue affects TimeProvider 4100: from 1.0 before 2.4.7.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Microchip TimeProvider 4100 (data plot modules) allows Reflected XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T20:42:38.819Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-reflected-xss-vulnerability"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
],
"source": {
"advisory": "PSIRT-85",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-27T11:03:00.000Z",
"value": "Reported"
}
],
"title": "Reflected XSS in TimeProvider 4100 chart component",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It\n is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations.\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n \n\n\u003c/div\u003e"
}
],
"value": "It\n is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-43686",
"datePublished": "2024-10-04T19:47:06.117Z",
"dateReserved": "2024-08-14T15:39:44.265Z",
"dateUpdated": "2024-10-07T20:42:38.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9054 (GCVE-0-2024-9054)
Vulnerability from cvelistv5 – Published: 2024-10-04 19:42 – Updated: 2025-08-29 20:24
VLAI?
Summary
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 (Configuration modules) allows Command Injection.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | TimeProvider 4100 |
Affected:
1.0 , < 2.4.7
(firmware)
|
Credits
Armando Huesca Prida
Marco Negro
Antonio Carriero
Vito Pistillo
Davide Renna
Manuel Leone
Massimiliano Brolli
TIM Security Red Team Research
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:microchip:timeprovider_4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "timeprovider_4100_firmware",
"vendor": "microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9054",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T21:24:59.715765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T22:16:03.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Configuration"
],
"product": "TimeProvider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "1.0",
"versionType": "firmware"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Armando Huesca Prida"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Negro"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027), Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 (Configuration modules) allows Command Injection.\u003cp\u003eThis issue affects TimeProvider 4100: from 1.0 before 2.4.7.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027), Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 (Configuration modules) allows Command Injection.This issue affects TimeProvider 4100: from 1.0 before 2.4.7."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:24:45.480Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-rce-through-configuration-file"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
],
"source": {
"advisory": "PSIRT-82",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-27T11:03:00.000Z",
"value": "Reported"
}
],
"title": "Remote code Execution inTimeProvider\u00ae 4100",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003eIt is important to note that the web interface is only available on a physically separate management port, and these vulnerabilities have no impact on the timing service ports. For added security, users have the option to disable the web interface, further protecting the device from potential web-based exploits.\u003c/div\u003e\u003c/div\u003e\n\n\u003cbr\u003e"
}
],
"value": "It is important to note that the web interface is only available on a physically separate management port, and these vulnerabilities have no impact on the timing service ports. For added security, users have the option to disable the web interface, further protecting the device from potential web-based exploits."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-9054",
"datePublished": "2024-10-04T19:42:44.129Z",
"dateReserved": "2024-09-20T18:55:57.827Z",
"dateUpdated": "2025-08-29T20:24:45.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43687 (GCVE-0-2024-43687)
Vulnerability from cvelistv5 – Published: 2024-10-04 19:41 – Updated: 2025-05-23 15:13
VLAI?
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (banner config modules) allows Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | TimeProvider 4100 |
Affected:
1.0 , < 2.4.7
(firmware)
Affected: 2.4.16 , < 2.5 (firmware) |
Credits
Armando Huesca Prida
Marco Negro
Antonio Carriero
Vito Pistillo
Davide Renna
Manuel Leone
Massimiliano Brolli
TIM Security Red Team Research
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43687",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T21:21:43.789883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T22:16:09.913Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"banner config"
],
"product": "TimeProvider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "1.0",
"versionType": "firmware"
},
{
"lessThan": "2.5",
"status": "affected",
"version": "2.4.16",
"versionType": "firmware"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Armando Huesca Prida"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Negro"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Microchip TimeProvider 4100 (banner config modules) allows Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects TimeProvider 4100: from 1.0 before 2.4.7.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Microchip TimeProvider 4100 (banner config modules) allows Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0 before 2.4.7."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "PRESENT",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "ADJACENT",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:P/AU:Y/R:U/V:D/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-23T15:13:13.627Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-stored-xss-vulnerability-in-banner"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Separate the access to the management port and the timing service ports into separate networks with appropriate access controls."
}
],
"value": "Separate the access to the management port and the timing service ports into separate networks with appropriate access controls."
}
],
"source": {
"advisory": "PSIRT-84",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-27T11:03:00.000Z",
"value": "Reported"
}
],
"title": "XSS vulnerability in bannerconfig endpoint in TimeProvider 4100",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It\n is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitation.\u003cdiv\u003e\u003cdiv\u003e\n\n\u003c/div\u003e\n\n \n\n\u003c/div\u003e"
}
],
"value": "It\n is important to note that the web interface is only available on a \nphysically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitation."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-43687",
"datePublished": "2024-10-04T19:41:15.354Z",
"dateReserved": "2024-08-14T15:39:44.265Z",
"dateUpdated": "2025-05-23T15:13:13.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7801 (GCVE-0-2024-7801)
Vulnerability from cvelistv5 – Published: 2024-10-04 19:38 – Updated: 2024-10-04 22:16
VLAI?
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip TimeProvider 4100 (Data plot modules) allows SQL Injection.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | TimeProvider 4100 |
Affected:
1.0 , < 2.4.7
(firmware)
|
Credits
Armando Huesca Prida
Marco Negro
Antonio Carriero
Vito Pistillo
Davide Renna
Manuel Leone
Massimiliano Brolli
TIM Security Red Team Research
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7801",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T21:21:42.790581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T22:16:19.492Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Data plot"
],
"product": "TimeProvider 4100",
"vendor": "Microchip",
"versions": [
{
"lessThan": "2.4.7",
"status": "affected",
"version": "1.0",
"versionType": "firmware"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Armando Huesca Prida"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Negro"
},
{
"lang": "en",
"type": "finder",
"value": "Antonio Carriero"
},
{
"lang": "en",
"type": "finder",
"value": "Vito Pistillo"
},
{
"lang": "en",
"type": "finder",
"value": "Davide Renna"
},
{
"lang": "en",
"type": "finder",
"value": "Manuel Leone"
},
{
"lang": "en",
"type": "finder",
"value": "Massimiliano Brolli"
},
{
"lang": "en",
"type": "reporter",
"value": "TIM Security Red Team Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Microchip TimeProvider 4100 (Data plot modules) allows SQL Injection.\u003cp\u003eThis issue affects TimeProvider 4100: from 1.0 before 2.4.7.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Microchip TimeProvider 4100 (Data plot modules) allows SQL Injection.This issue affects TimeProvider 4100: from 1.0 before 2.4.7."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:44:43.588Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/timeprovider-4100-grandmaster-unathenticated-sql-injection"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.gruppotim.it/it/footer/red-team.html"
}
],
"source": {
"advisory": "PSIRT-83",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-27T11:03:00.000Z",
"value": "Reported"
}
],
"title": "SQL injection in get_chart_data in TimeProvider 4100",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\n\u003cdiv\u003e\u003cp\u003eIt is important to note that the web interface is only available on a\n physically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "It is important to note that the web interface is only available on a\n physically separate management port and these vulnerabilities have no \nimpact on the timing service ports. For added security, users have the \noption to disable the web interface, further protecting the device from \npotential web-based exploitations."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-7801",
"datePublished": "2024-10-04T19:38:08.280Z",
"dateReserved": "2024-08-14T15:33:40.608Z",
"dateUpdated": "2024-10-04T22:16:19.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7490 (GCVE-0-2024-7490)
Vulnerability from cvelistv5 – Published: 2024-08-08 15:01 – Updated: 2025-08-29 20:23
VLAI?
Summary
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.
This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option.
This issue affects Advanced Software Framework: through 3.52.0.2574.
ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.
Severity ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip Techology | Advanced Software Framework |
Affected:
0 , ≤ 3.52.0.2574
(semver)
|
Credits
element55
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:microchip:advanced_software_framework:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "advanced_software_framework",
"vendor": "microchip",
"versions": [
{
"lessThanOrEqual": "3.52.0.2574",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7490",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T16:25:23.040865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T16:30:11.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-19T13:06:47.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/138043"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://gallery.microchip.com/packages/4CE20911-D794-4550-8B94-6C66A93228B8/",
"defaultStatus": "affected",
"modules": [
"network"
],
"packageName": "lwip",
"product": "Advanced Software Framework",
"programFiles": [
"tinydhcpserver.c"
],
"programRoutines": [
{
"name": "lwip_dhcp_find_option"
}
],
"repo": "https://savannah.nongnu.org/projects/lwip/",
"vendor": "Microchip Techology",
"versions": [
{
"lessThanOrEqual": "3.52.0.2574",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of the lwip stack embedded in ASF, and using the example DHCP server provided.\u003cbr\u003e"
}
],
"value": "Use of the lwip stack embedded in ASF, and using the example DHCP server provided."
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "element55"
}
],
"datePublic": "2024-08-05T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.\u003cbr\u003e\u003cp\u003e This vulnerability is associated with program files \u003ctt\u003etinydhcpserver.C\u003c/tt\u003e and program routines \u003ctt\u003elwip_dhcp_find_option\u003c/tt\u003e.\u003c/p\u003e\u003cp\u003eThis issue affects Advanced Software Framework: through 3.52.0.2574.\u003c/p\u003e\u003cp\u003e\nASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow.\n This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option.\n\nThis issue affects Advanced Software Framework: through 3.52.0.2574.\n\n\nASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:23:53.142Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.microchip.com/en-us/tools-resources/develop/libraries/advanced-software-framework"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework.\u003cbr\u003e"
}
],
"value": "ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework."
}
],
"source": {
"advisory": "PSIRT-23",
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Remote Code Execution in Advanced Software Framework DHCP server",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\nThe issue can be mitigated by adding a check to the size variable after the call [1] to pbuf_get_at on line 127 [1].\n If the size variable is not 4, then the function should cease \nprocessing and return. The lwip_dhcp_find_option function is only used \nto find this one option. \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\n\u003cp\u003e [1] \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/alfred-ai/microchip-asf/blob/bf5205e36a265b867d531647ffbf2de5e287853a/thirdparty/lwip/lwip-tinyservices/tinydhcpserver.c#L127\"\u003ehttps://github.com/alfred-ai/microchip-asf/blob/bf5205e36a265b867d531647ffbf2de5e287853a/thirdparty/lwip/lwip-tinyservices/tinydhcpserver.c#L127\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "The issue can be mitigated by adding a check to the size variable after the call [1] to pbuf_get_at on line 127 [1].\n If the size variable is not 4, then the function should cease \nprocessing and return. The lwip_dhcp_find_option function is only used \nto find this one option. \n\n\n\n\n\n\n [1] https://github.com/alfred-ai/microchip-asf/blob/bf5205e36a265b867d531647ffbf2de5e287853a/thirdparty/lwip/lwip-tinyservices/tinydhcpserver.c#L127"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-7490",
"datePublished": "2024-08-08T15:01:09.055Z",
"dateReserved": "2024-08-05T14:10:12.165Z",
"dateUpdated": "2025-08-29T20:23:53.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30212 (GCVE-0-2024-30212)
Vulnerability from cvelistv5 – Published: 2024-05-28 16:07 – Updated: 2025-02-13 17:47
VLAI?
Summary
If a SCSI READ(10) command is initiated via USB using the largest LBA
(0xFFFFFFFF) with it's default block size of 512 and a count of 1,
the first 512 byte of the 0x80000000 memory area is returned to the
user. If the block count is increased, the full RAM can be exposed.
The same method works to write to this memory area. If RAM contains
pointers, those can be - depending on the application - overwritten to
return data from any other offset including Progam and Boot Flash.
Severity ?
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microchip | MPLAB® Harmony 3 Core Module |
Affected:
3.0.0 , < 3.13.4
(semver)
|
Credits
Fehr GmbH
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:25:03.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"mitigation",
"x_transferred"
],
"url": "https://github.com/Microchip-MPLAB-Harmony/core/commit/d4608a4f1a140bd899cd4337cdbfb343a4339216"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://github.com/Microchip-MPLAB-Harmony/core/blob/master/release_notes.md"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Fehr-GmbH/blackleak"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:microchip:mplab_harmony:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "mplab_harmony",
"vendor": "microchip",
"versions": [
{
"lessThan": "3.13.4",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30212",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T14:20:02.167062Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T17:46:22.690Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"memory"
],
"packageName": "core",
"product": "MPLAB\u00ae Harmony 3 Core Module",
"programFiles": [
"drv_memory.c.ftl"
],
"programRoutines": [
{
"name": "DRV_MEMORY_SetupXfer"
}
],
"repo": "https://github.com/Microchip-MPLAB-Harmony",
"vendor": "Microchip",
"versions": [
{
"lessThan": "3.13.4",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "If a SCSI READ(10) command is initiated via USB using the largest LBA (0xFFFFFFFF) with it\u0027s default block size of 512 and a count of 1, the first 512 byte of the 0x80000000 memory area is returned. The same applies for SCSI WRITE."
}
],
"value": "If a SCSI READ(10) command is initiated via USB using the largest LBA (0xFFFFFFFF) with it\u0027s default block size of 512 and a count of 1, the first 512 byte of the 0x80000000 memory area is returned. The same applies for SCSI WRITE."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fehr GmbH"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "If a SCSI READ(10) command is initiated via USB using the largest LBA \n(0xFFFFFFFF) with it\u0027s default block size of 512 and a count of 1,\u003cbr\u003e\nthe first 512 byte of the 0x80000000 memory area is returned to the \nuser. If the block count is increased, the full RAM can be exposed.\u003cbr\u003e\nThe same method works to write to this memory area. If RAM contains \npointers, those can be - depending on the application - overwritten to\u003cbr\u003e\nreturn data from any other offset including Progam and Boot Flash.\n\n\u003cbr\u003e"
}
],
"value": "If a SCSI READ(10) command is initiated via USB using the largest LBA \n(0xFFFFFFFF) with it\u0027s default block size of 512 and a count of 1,\n\nthe first 512 byte of the 0x80000000 memory area is returned to the \nuser. If the block count is increased, the full RAM can be exposed.\n\nThe same method works to write to this memory area. If RAM contains \npointers, those can be - depending on the application - overwritten to\n\nreturn data from any other offset including Progam and Boot Flash."
}
],
"impacts": [
{
"capecId": "CAPEC-92",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-92: Forced Integer Overflow"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T11:32:35.566Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"patch",
"mitigation"
],
"url": "https://github.com/Microchip-MPLAB-Harmony/core/commit/d4608a4f1a140bd899cd4337cdbfb343a4339216"
},
{
"tags": [
"release-notes"
],
"url": "https://github.com/Microchip-MPLAB-Harmony/core/blob/master/release_notes.md"
},
{
"url": "https://github.com/Fehr-GmbH/blackleak"
}
],
"source": {
"advisory": "PSIRT-34",
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2023-08-21T07:00:00.000Z",
"value": "Detected"
}
],
"title": "Microchip Harmony 3 Core library allows read and write access to RAM via a SCSI READ or WRITE command",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-30212",
"datePublished": "2024-05-28T16:07:52.946Z",
"dateReserved": "2024-03-26T03:56:03.743Z",
"dateUpdated": "2025-02-13T17:47:45.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4760 (GCVE-0-2024-4760)
Vulnerability from cvelistv5 – Published: 2024-05-16 13:07 – Updated: 2025-06-06 15:08
VLAI?
Summary
A voltage glitch during the startup of EEFC NVM controllers on Microchip SAM E70/S70/V70/V71, SAM G55, SAM 4C/4S/4N/4E, and SAM 3S/3N/3U microcontrollers allows access to the memory bus via the debug interface even if the security bit is set.
Severity ?
6.3 (Medium)
CWE
- CWE-1247 - Improper Protection Against Voltage and Clock Glitches
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microchip | SAME70 |
Affected:
0
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Waleed Alzamil
Bandar Alharbi
Meshari Alhammadi
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:amtel:same70:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "same70",
"vendor": "amtel",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:a:amtel:sams70:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sams70",
"vendor": "amtel",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:a:amtel:samv70:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "samv70",
"vendor": "amtel",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"cpes": [
"cpe:2.3:a:amtel:samv71:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "samv71",
"vendor": "amtel",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4760",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-24T19:22:40.820250Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:53:31.485Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:47:41.757Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"technical-description",
"exploit",
"x_transferred"
],
"url": "https://www.0x01team.com/hw_security/bypassing-microchip-atmel-sam-e70-s70-v70-v71-security/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "SAME70",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "affected",
"product": "SAMS70",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "affected",
"product": "SAMV70",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "affected",
"product": "SAMV71",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAMG55",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAM4C",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAM4S",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAM4N",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAM4E",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAM3S",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAM3N",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAM3U",
"vendor": "Microchip",
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Physical control of the VDDCore pins\u003cbr\u003e"
}
],
"value": "Physical control of the VDDCore pins"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Waleed Alzamil"
},
{
"lang": "en",
"type": "finder",
"value": "Bandar Alharbi"
},
{
"lang": "en",
"type": "finder",
"value": "Meshari Alhammadi"
}
],
"datePublic": "2024-05-16T13:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A voltage glitch during the startup of EEFC NVM controllers on Microchip SAM E70/S70/V70/V71, SAM G55, SAM\u0026nbsp;4C/4S/4N/4E, and SAM 3S/3N/3U microcontrollers\u0026nbsp;allows access to the memory bus via the debug interface even if the security bit is set."
}
],
"value": "A voltage glitch during the startup of EEFC NVM controllers on Microchip SAM E70/S70/V70/V71, SAM G55, SAM\u00a04C/4S/4N/4E, and SAM 3S/3N/3U microcontrollers\u00a0allows access to the memory bus via the debug interface even if the security bit is set."
}
],
"impacts": [
{
"capecId": "CAPEC-624",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-624: Hardware Fault Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1247",
"description": "CWE-1247: Improper Protection Against Voltage and Clock Glitches",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T15:08:03.023Z",
"orgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"shortName": "Microchip"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://www.0x01team.com/hw_security/bypassing-microchip-atmel-sam-e70-s70-v70-v71-security/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://ww1.microchip.com/downloads/aemDocuments/documents/MCU32/ProductDocuments/SupportingCollateral/Security-Advisory-CVE-2024-4760.pdf"
}
],
"source": {
"advisory": "PSIRT-73",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-02-15T17:19:00.000Z",
"value": "Initial report"
},
{
"lang": "en",
"time": "2025-06-06T07:00:00.000Z",
"value": "Vendor Advisory issued"
}
],
"title": "Voltage glitch during startup of the EEFC NVM controller can bypass the security bit",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Please contact Microchip to obtain the appropriate patch for your devices, which are available as binary code\u003cbr\u003eupdates."
}
],
"value": "Please contact Microchip to obtain the appropriate patch for your devices, which are available as binary code\nupdates."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dc3f6da9-85b5-4a73-84a2-2ec90b40fca5",
"assignerShortName": "Microchip",
"cveId": "CVE-2024-4760",
"datePublished": "2024-05-16T13:07:57.462Z",
"dateReserved": "2024-05-10T15:18:00.908Z",
"dateUpdated": "2025-06-06T15:08:03.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51438 (GCVE-0-2023-51438)
Vulnerability from cvelistv5 – Published: 2024-01-09 10:00 – Updated: 2025-05-22 17:57
VLAI?
Summary
A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SIMATIC IPC1047E |
Affected:
All versions with maxView Storage Manager < V4.14.00.26068 on Windows
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:32:09.431Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51438",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-22T17:51:00.924153Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T17:57:26.766Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC1047E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC647E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC847E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager \u003c V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish\u00ae server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T10:00:13.080Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-51438",
"datePublished": "2024-01-09T10:00:13.080Z",
"dateReserved": "2023-12-19T11:46:45.583Z",
"dateUpdated": "2025-05-22T17:57:26.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22216 (GCVE-0-2024-22216)
Vulnerability from cvelistv5 – Published: 2024-01-08 00:00 – Updated: 2025-06-18 16:54
VLAI?
Summary
In default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage Controllers) where Redfish server is configured for remote system management, unauthorized access can occur, with data modification and information disclosure. This affects 3.00.23484 through 4.14.00.26064 (except for the patched versions 3.07.23980 and 4.07.00.25339).
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.882Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.microchip.com/en-us/solutions/embedded-security/how-to-report-potential-product-security-vulnerabilities/maxview-storage-manager-redfish-server-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22216",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-08T14:16:33.392817Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T16:54:35.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage Controllers) where Redfish server is configured for remote system management, unauthorized access can occur, with data modification and information disclosure. This affects 3.00.23484 through 4.14.00.26064 (except for the patched versions 3.07.23980 and 4.07.00.25339)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-08T06:37:22.420Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.microchip.com/en-us/solutions/embedded-security/how-to-report-potential-product-security-vulnerabilities/maxview-storage-manager-redfish-server-vulnerability"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-22216",
"datePublished": "2024-01-08T00:00:00.000Z",
"dateReserved": "2024-01-08T00:00:00.000Z",
"dateUpdated": "2025-06-18T16:54:35.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-27636 (GCVE-0-2020-27636)
Vulnerability from cvelistv5 – Published: 2023-10-10 00:00 – Updated: 2024-09-19 15:27
VLAI?
Summary
In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:44.418Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.forescout.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-27636",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T15:27:10.935543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T15:27:23.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T16:28:45.427963",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.forescout.com"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01"
},
{
"url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-27636",
"datePublished": "2023-10-10T00:00:00",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-09-19T15:27:23.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23588 (GCVE-0-2023-23588)
Vulnerability from cvelistv5 – Published: 2023-04-11 09:03 – Updated: 2024-10-15 17:12
VLAI?
Summary
A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC647D (All versions), SIMATIC IPC647E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC847D (All versions), SIMATIC IPC847E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows). The Adaptec Maxview application on affected devices is using a non-unique TLS certificate across installations to protect the communication from the local browser to the local application.
A local attacker may use this key to decrypt intercepted local traffic between the browser and the application and could perform a man-in-the-middle attack in order to modify data in transit.
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SIMATIC IPC1047 |
Affected:
All versions
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:35:33.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-511182.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:09:07.958283Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:12:13.841Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC1047",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC1047E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC647D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC647E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC847D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC847E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows), SIMATIC IPC647D (All versions), SIMATIC IPC647E (All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows), SIMATIC IPC847D (All versions), SIMATIC IPC847E (All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows). The Adaptec Maxview application on affected devices is using a non-unique TLS certificate across installations to protect the communication from the local browser to the local application.\r\nA local attacker may use this key to decrypt intercepted local traffic between the browser and the application and could perform a man-in-the-middle attack in order to modify data in transit."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T09:03:01.130Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-511182.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-23588",
"datePublished": "2023-04-11T09:03:01.130Z",
"dateReserved": "2023-01-13T14:55:01.563Z",
"dateUpdated": "2024-10-15T17:12:13.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37605 (GCVE-0-2021-37605)
Vulnerability from cvelistv5 – Published: 2021-08-05 15:52 – Updated: 2024-08-04 01:23
VLAI?
Summary
In version 6.5 Microchip MiWi software and all previous versions including legacy products, the stack is validating only two out of four Message Integrity Check (MIC) bytes.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:23:01.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/product-change-notifications/#/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/sub-ghz/miwi-protocol"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.50.0.100-readme.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/en-us/development-tools-tools-and-software/libraries-code-examples-and-more/advanced-software-framework-for-sam-devices#Downloads"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.51.0.101-readme.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/miwi-software-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In version 6.5 Microchip MiWi software and all previous versions including legacy products, the stack is validating only two out of four Message Integrity Check (MIC) bytes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-21T21:38:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/product-change-notifications/#/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/sub-ghz/miwi-protocol"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.50.0.100-readme.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/en-us/development-tools-tools-and-software/libraries-code-examples-and-more/advanced-software-framework-for-sam-devices#Downloads"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.51.0.101-readme.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/miwi-software-vulnerability"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In version 6.5 Microchip MiWi software and all previous versions including legacy products, the stack is validating only two out of four Message Integrity Check (MIC) bytes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microchip.com/product-change-notifications/#/",
"refsource": "MISC",
"url": "https://www.microchip.com/product-change-notifications/#/"
},
{
"name": "https://www.microchip.com/en-us/products/wireless-connectivity/sub-ghz/miwi-protocol",
"refsource": "MISC",
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/sub-ghz/miwi-protocol"
},
{
"name": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.50.0.100-readme.pdf",
"refsource": "MISC",
"url": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.50.0.100-readme.pdf"
},
{
"name": "https://www.microchip.com/en-us/development-tools-tools-and-software/libraries-code-examples-and-more/advanced-software-framework-for-sam-devices#Downloads",
"refsource": "MISC",
"url": "https://www.microchip.com/en-us/development-tools-tools-and-software/libraries-code-examples-and-more/advanced-software-framework-for-sam-devices#Downloads"
},
{
"name": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.51.0.101-readme.pdf",
"refsource": "MISC",
"url": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.51.0.101-readme.pdf"
},
{
"name": "https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/miwi-software-vulnerability",
"refsource": "MISC",
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/miwi-software-vulnerability"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37605",
"datePublished": "2021-08-05T15:52:38",
"dateReserved": "2021-07-28T00:00:00",
"dateUpdated": "2024-08-04T01:23:01.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37604 (GCVE-0-2021-37604)
Vulnerability from cvelistv5 – Published: 2021-08-05 15:43 – Updated: 2024-08-04 01:23
VLAI?
Summary
In version 6.5 of Microchip MiWi software and all previous versions including legacy products, there is a possibility of frame counters being validated/updated prior to the message authentication. With this vulnerability in place, an attacker may increment the incoming frame counter values by injecting messages with a sufficiently large frame counter value and invalid payload. This results in denial of service/valid packets in the network. There is also a possibility of a replay attack in the stack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:23:01.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/product-change-notifications/#/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/sub-ghz/miwi-protocol"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.50.0.100-readme.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/en-us/development-tools-tools-and-software/libraries-code-examples-and-more/advanced-software-framework-for-sam-devices#Downloads"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/miwi-software-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In version 6.5 of Microchip MiWi software and all previous versions including legacy products, there is a possibility of frame counters being validated/updated prior to the message authentication. With this vulnerability in place, an attacker may increment the incoming frame counter values by injecting messages with a sufficiently large frame counter value and invalid payload. This results in denial of service/valid packets in the network. There is also a possibility of a replay attack in the stack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-21T21:37:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/product-change-notifications/#/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/sub-ghz/miwi-protocol"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.50.0.100-readme.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/en-us/development-tools-tools-and-software/libraries-code-examples-and-more/advanced-software-framework-for-sam-devices#Downloads"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/miwi-software-vulnerability"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-37604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In version 6.5 of Microchip MiWi software and all previous versions including legacy products, there is a possibility of frame counters being validated/updated prior to the message authentication. With this vulnerability in place, an attacker may increment the incoming frame counter values by injecting messages with a sufficiently large frame counter value and invalid payload. This results in denial of service/valid packets in the network. There is also a possibility of a replay attack in the stack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microchip.com/product-change-notifications/#/",
"refsource": "MISC",
"url": "https://www.microchip.com/product-change-notifications/#/"
},
{
"name": "https://www.microchip.com/en-us/products/wireless-connectivity/sub-ghz/miwi-protocol",
"refsource": "MISC",
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/sub-ghz/miwi-protocol"
},
{
"name": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.50.0.100-readme.pdf",
"refsource": "MISC",
"url": "https://ww1.microchip.com/downloads/en/DeviceDoc/asf-release-notes-3.50.0.100-readme.pdf"
},
{
"name": "https://www.microchip.com/en-us/development-tools-tools-and-software/libraries-code-examples-and-more/advanced-software-framework-for-sam-devices#Downloads",
"refsource": "MISC",
"url": "https://www.microchip.com/en-us/development-tools-tools-and-software/libraries-code-examples-and-more/advanced-software-framework-for-sam-devices#Downloads"
},
{
"name": "https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/miwi-software-vulnerability",
"refsource": "CONFIRM",
"url": "https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/miwi-software-vulnerability"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-37604",
"datePublished": "2021-08-05T15:43:37",
"dateReserved": "2021-07-28T00:00:00",
"dateUpdated": "2024-08-04T01:23:01.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-20950 (GCVE-0-2020-20950)
Vulnerability from cvelistv5 – Published: 2021-01-19 12:22 – Updated: 2024-08-04 14:22
VLAI?
Summary
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T14:22:25.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://microchip.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/mplab/microchip-libraries-for-applications"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bi-zone.medium.com/silence-will-fall-or-how-it-can-take-2-years-to-get-your-vuln-registered-e6134846f5bb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bleichenbacher\u0027s attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher\u0027s oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-19T12:22:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://microchip.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/mplab/microchip-libraries-for-applications"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bi-zone.medium.com/silence-will-fall-or-how-it-can-take-2-years-to-get-your-vuln-registered-e6134846f5bb"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-20950",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bleichenbacher\u0027s attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher\u0027s oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf",
"refsource": "MISC",
"url": "http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf"
},
{
"name": "http://microchip.com",
"refsource": "MISC",
"url": "http://microchip.com"
},
{
"name": "https://www.microchip.com/mplab/microchip-libraries-for-applications",
"refsource": "MISC",
"url": "https://www.microchip.com/mplab/microchip-libraries-for-applications"
},
{
"name": "https://bi-zone.medium.com/silence-will-fall-or-how-it-can-take-2-years-to-get-your-vuln-registered-e6134846f5bb",
"refsource": "MISC",
"url": "https://bi-zone.medium.com/silence-will-fall-or-how-it-can-take-2-years-to-get-your-vuln-registered-e6134846f5bb"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-20950",
"datePublished": "2021-01-19T12:22:55",
"dateReserved": "2020-08-13T00:00:00",
"dateUpdated": "2024-08-04T14:22:25.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-17441 (GCVE-0-2020-17441)
Vulnerability from cvelistv5 – Published: 2020-12-11 22:29 – Updated: 2024-08-04 13:53
VLAI?
Summary
An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either Denial-of-Service or Information Disclosure. This affects pico_ipv6_extension_headers and pico_checksum_adder (in pico_ipv6.c and pico_frame.c).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:53:17.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either Denial-of-Service or Information Disclosure. This affects pico_ipv6_extension_headers and pico_checksum_adder (in pico_ipv6.c and pico_frame.c)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-11T22:29:35",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-17441",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either Denial-of-Service or Information Disclosure. This affects pico_ipv6_extension_headers and pico_checksum_adder (in pico_ipv6.c and pico_frame.c)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/815128",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-17441",
"datePublished": "2020-12-11T22:29:35",
"dateReserved": "2020-08-07T00:00:00",
"dateUpdated": "2024-08-04T13:53:17.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16128 (GCVE-0-2019-16128)
Vulnerability from cvelistv5 – Published: 2020-10-22 19:07 – Updated: 2024-08-05 01:10
VLAI?
Summary
Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:10:40.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/design-centers/security-ics/cryptoauthentication"
},
{
"name": "[oss-security] 20201022 CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/10/22/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://census-labs.com/news/2020/10/21/microchip-cryptoauthlib-atcab_sign_base-buffer-overflow/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T19:07:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/design-centers/security-ics/cryptoauthentication"
},
{
"name": "[oss-security] 20201022 CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/10/22/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://census-labs.com/news/2020/10/21/microchip-cryptoauthlib-atcab_sign_base-buffer-overflow/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microchip.com/design-centers/security-ics/cryptoauthentication",
"refsource": "MISC",
"url": "https://www.microchip.com/design-centers/security-ics/cryptoauthentication"
},
{
"name": "[oss-security] 20201022 CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/10/22/1"
},
{
"name": "https://census-labs.com/news/2020/10/21/microchip-cryptoauthlib-atcab_sign_base-buffer-overflow/",
"refsource": "MISC",
"url": "https://census-labs.com/news/2020/10/21/microchip-cryptoauthlib-atcab_sign_base-buffer-overflow/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-16128",
"datePublished": "2020-10-22T19:07:19",
"dateReserved": "2019-09-08T00:00:00",
"dateUpdated": "2024-08-05T01:10:40.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16129 (GCVE-0-2019-16129)
Vulnerability from cvelistv5 – Published: 2020-10-22 18:26 – Updated: 2024-08-05 01:10
VLAI?
Summary
Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 2 of 2).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:10:41.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/design-centers/security-ics/cryptoauthentication"
},
{
"name": "[oss-security] 20201022 CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/10/22/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://census-labs.com/news/2020/10/21/microchip-cryptoauthlib-atcab_genkey_base-buffer-overflow/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 2 of 2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T18:26:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/design-centers/security-ics/cryptoauthentication"
},
{
"name": "[oss-security] 20201022 CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/10/22/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://census-labs.com/news/2020/10/21/microchip-cryptoauthlib-atcab_genkey_base-buffer-overflow/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 2 of 2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microchip.com/design-centers/security-ics/cryptoauthentication",
"refsource": "MISC",
"url": "https://www.microchip.com/design-centers/security-ics/cryptoauthentication"
},
{
"name": "[oss-security] 20201022 CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/10/22/1"
},
{
"name": "https://census-labs.com/news/2020/10/21/microchip-cryptoauthlib-atcab_genkey_base-buffer-overflow/",
"refsource": "MISC",
"url": "https://census-labs.com/news/2020/10/21/microchip-cryptoauthlib-atcab_genkey_base-buffer-overflow/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-16129",
"datePublished": "2020-10-22T18:26:38",
"dateReserved": "2019-09-08T00:00:00",
"dateUpdated": "2024-08-05T01:10:41.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16127 (GCVE-0-2019-16127)
Vulnerability from cvelistv5 – Published: 2020-10-22 18:11 – Updated: 2024-08-05 01:10
VLAI?
Summary
Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:10:40.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.microchip.com/mplab/avr-support/advanced-software-framework"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://census-labs.com/news/2020/10/21/microchip-asf4-integer-overflows-in-flash_read-flash_write-and-flash_append/"
},
{
"name": "[oss-security] 20201022 CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2020/10/22/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-22T18:11:30",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.microchip.com/mplab/avr-support/advanced-software-framework"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://census-labs.com/news/2020/10/21/microchip-asf4-integer-overflows-in-flash_read-flash_write-and-flash_append/"
},
{
"name": "[oss-security] 20201022 CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.openwall.com/lists/oss-security/2020/10/22/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.microchip.com/mplab/avr-support/advanced-software-framework",
"refsource": "MISC",
"url": "https://www.microchip.com/mplab/avr-support/advanced-software-framework"
},
{
"name": "https://census-labs.com/news/2020/10/21/microchip-asf4-integer-overflows-in-flash_read-flash_write-and-flash_append/",
"refsource": "MISC",
"url": "https://census-labs.com/news/2020/10/21/microchip-asf4-integer-overflows-in-flash_read-flash_write-and-flash_append/"
},
{
"name": "[oss-security] 20201022 CVE-2019-16127, CVE-2019-16128 and CVE-2019-16129 for Microchip code",
"refsource": "MLIST",
"url": "https://www.openwall.com/lists/oss-security/2020/10/22/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-16127",
"datePublished": "2020-10-22T18:11:30",
"dateReserved": "2019-09-08T00:00:00",
"dateUpdated": "2024-08-05T01:10:40.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15809 (GCVE-0-2019-15809)
Vulnerability from cvelistv5 – Published: 2019-10-03 13:17 – Updated: 2024-08-05 00:56
VLAI?
Summary
Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:22.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://eprint.iacr.org/2011/232.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tches.iacr.org/index.php/TCHES/article/view/7337"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ssi.gouv.fr/certification_cc/bibliotheque-cryptographique-atmel-toolbox-00-03-11-05/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/details?source=ECDSA\u0026number=214"
},
{
"name": "[oss-security] 20191002 Minerva: ECDSA key recovery from bit-length leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/02/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://minerva.crocs.fi.muni.cz/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-03T13:18:31",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://eprint.iacr.org/2011/232.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tches.iacr.org/index.php/TCHES/article/view/7337"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ssi.gouv.fr/certification_cc/bibliotheque-cryptographique-atmel-toolbox-00-03-11-05/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/details?source=ECDSA\u0026number=214"
},
{
"name": "[oss-security] 20191002 Minerva: ECDSA key recovery from bit-length leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/02/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://minerva.crocs.fi.muni.cz/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://eprint.iacr.org/2011/232.pdf",
"refsource": "MISC",
"url": "https://eprint.iacr.org/2011/232.pdf"
},
{
"name": "https://tches.iacr.org/index.php/TCHES/article/view/7337",
"refsource": "MISC",
"url": "https://tches.iacr.org/index.php/TCHES/article/view/7337"
},
{
"name": "https://www.ssi.gouv.fr/certification_cc/bibliotheque-cryptographique-atmel-toolbox-00-03-11-05/",
"refsource": "MISC",
"url": "https://www.ssi.gouv.fr/certification_cc/bibliotheque-cryptographique-atmel-toolbox-00-03-11-05/"
},
{
"name": "https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/details?source=ECDSA\u0026number=214",
"refsource": "MISC",
"url": "https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/details?source=ECDSA\u0026number=214"
},
{
"name": "[oss-security] 20191002 Minerva: ECDSA key recovery from bit-length leakage",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/02/2"
},
{
"name": "https://minerva.crocs.fi.muni.cz/",
"refsource": "MISC",
"url": "https://minerva.crocs.fi.muni.cz/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-15809",
"datePublished": "2019-10-03T13:17:24",
"dateReserved": "2019-08-29T00:00:00",
"dateUpdated": "2024-08-05T00:56:22.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1674 (GCVE-0-2009-1674)
Vulnerability from cvelistv5 – Published: 2009-05-18 18:00 – Updated: 2024-08-07 05:20
VLAI?
Summary
Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section in a .mcp file, possibly a related issue to CVE-2009-1608.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:20:35.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8656",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8656"
},
{
"name": "35054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section in a .mcp file, possibly a related issue to CVE-2009-1608."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8656",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8656"
},
{
"name": "35054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1674",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section in a .mcp file, possibly a related issue to CVE-2009-1608."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8656",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8656"
},
{
"name": "35054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1674",
"datePublished": "2009-05-18T18:00:00",
"dateReserved": "2009-05-18T00:00:00",
"dateUpdated": "2024-08-07T05:20:35.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1608 (GCVE-0-2009-1608)
Vulnerability from cvelistv5 – Published: 2009-05-11 19:28 – Updated: 2024-08-07 05:20
VLAI?
Summary
Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly earlier versions allow user-assisted remote attackers to execute arbitrary code via a .MCP project file with long (1) FILE_INFO, (2) CAT_FILTERS, and possibly other fields.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:20:34.597Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54370",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54370"
},
{
"name": "mplabide-catfilters-bo(50419)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50419"
},
{
"name": "35054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35054"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.bkis.vn/?p=654"
},
{
"name": "mplabide-fileinfo-bo(50418)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50418"
},
{
"name": "34897",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34897"
},
{
"name": "20090511 [Bkis-08-2009] Microchip MPLAB IDE Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/503400/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly earlier versions allow user-assisted remote attackers to execute arbitrary code via a .MCP project file with long (1) FILE_INFO, (2) CAT_FILTERS, and possibly other fields."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "54370",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54370"
},
{
"name": "mplabide-catfilters-bo(50419)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50419"
},
{
"name": "35054",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35054"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.bkis.vn/?p=654"
},
{
"name": "mplabide-fileinfo-bo(50418)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50418"
},
{
"name": "34897",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34897"
},
{
"name": "20090511 [Bkis-08-2009] Microchip MPLAB IDE Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/503400/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly earlier versions allow user-assisted remote attackers to execute arbitrary code via a .MCP project file with long (1) FILE_INFO, (2) CAT_FILTERS, and possibly other fields."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54370",
"refsource": "OSVDB",
"url": "http://osvdb.org/54370"
},
{
"name": "mplabide-catfilters-bo(50419)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50419"
},
{
"name": "35054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35054"
},
{
"name": "http://security.bkis.vn/?p=654",
"refsource": "MISC",
"url": "http://security.bkis.vn/?p=654"
},
{
"name": "mplabide-fileinfo-bo(50418)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50418"
},
{
"name": "34897",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34897"
},
{
"name": "20090511 [Bkis-08-2009] Microchip MPLAB IDE Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503400/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1608",
"datePublished": "2009-05-11T19:28:00",
"dateReserved": "2009-05-11T00:00:00",
"dateUpdated": "2024-08-07T05:20:34.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}