This page lists publicly disclosed CVE vulnerabilities affecting microchip bm78_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-46403 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) mishandles reject messages. | [email protected] | 8.6 | 0.30% | 2022-12-19 | 2025-04-17 |
| CVE-2022-46402 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values. | [email protected] | 6.5 | 0.05% | 2022-12-19 | 2025-04-17 |
| CVE-2022-46401 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PauseEncReqPlainText before pairing is complete. | [email protected] | 5.4 | 0.05% | 2022-12-19 | 2025-04-17 |
| CVE-2022-46400 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) allows attackers to bypass passkey entry in legacy pairing. | [email protected] | 5.4 | 0.11% | 2022-12-19 | 2025-04-17 |
| CVE-2022-46399 | The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero. | [email protected] | 7.5 | 0.16% | 2022-12-19 | 2025-04-17 |