MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
21 Nov 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://corp.mediatek.com/product-security-bulletin/January-2022 - Vendor Advisory | |
References | () https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300 - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 8.2 |
06 Jan 2022, 13:52
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-125 | |
CPE | cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7629_firmware:2.0.2:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7915_firmware:2.0.2:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://corp.mediatek.com/product-security-bulletin/January-2022 - Vendor Advisory | |
References | (MISC) https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300 - Third Party Advisory |
05 Jan 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
Summary | MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read). | |
References |
|
26 Dec 2021, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-26 00:15
Updated : 2024-11-21 06:15
NVD link : CVE-2021-37564
Mitre link : CVE-2021-37564
CVE.ORG link : CVE-2021-37564
JSON object : View
Products Affected
mediatek
- mt7628
- mt7613
- mt7615
- mt7915_firmware
- mt7622
- mt7603e_firmware
- mt7603e
- mt7613_firmware
- mt7628_firmware
- mt7629_firmware
- mt7629
- mt7622_firmware
- mt7915
- mt7615_firmware
CWE
CWE-125
Out-of-bounds Read