CVE-2022-21742

{"id": "CVE-2022-21742", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "twcert@cert.org.tw", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}]}, "published": "2022-06-20T06:15:08.630", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-6057-1cd0d-1.html", "tags": ["Third Party Advisory"], "source": "twcert@cert.org.tw"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}, {"type": "Secondary", "source": "twcert@cert.org.tw", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services."}, {"lang": "es", "value": "El controlador USB de Realtek presenta una vulnerabilidad de desbordamiento del b\u00fafer debido a una insuficiente verificaci\u00f3n de la longitud de los par\u00e1metros en la funci\u00f3n de la API. Un atacante no autenticado de la LAN puede explotar esta vulnerabilidad para interrumpir los servicios"}], "lastModified": "2022-07-05T20:40:10.597", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8156_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "053B5D66-0B8C-43B6-B9BB-C7453F1538EE", "versionEndIncluding": "7.53", "versionStartIncluding": "7.42"}, {"criteria": "cpe:2.3:o:realtek:rtl8156_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8926BFFE-126D-42D1-82FE-CFF70A7F8150", "versionEndIncluding": "8.60", "versionStartIncluding": "8.49"}, {"criteria": "cpe:2.3:o:realtek:rtl8156_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79FD09FD-7A22-45A1-A647-C6B74F41C78C", "versionEndExcluding": "10.50", "versionStartIncluding": "10.28"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8156:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A83CFC0-6E14-412E-9801-26759C5FD841"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8156b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5ABBE52B-89D5-4D35-A5A2-B3C9B4D53F77", "versionEndIncluding": "7.53", "versionStartIncluding": "7.42"}, {"criteria": "cpe:2.3:o:realtek:rtl8156b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD5CC9A1-F278-49D1-AEFD-36EE4423FC7D", "versionEndIncluding": "8.60", "versionStartIncluding": "8.49"}, {"criteria": "cpe:2.3:o:realtek:rtl8156b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D14BE40-0C3D-462C-B281-59EC98824EC3", "versionEndExcluding": "10.50", "versionStartIncluding": "10.28"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8156b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B969E23-7613-48AC-A7CB-EE9757031F1B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8153_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "593A86CF-4157-48C8-9446-D518AD6B02EA", "versionEndIncluding": "7.53", "versionStartIncluding": "7.42"}, {"criteria": "cpe:2.3:o:realtek:rtl8153_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5452E510-572F-42C8-9BD2-A198DB6C49D8", "versionEndIncluding": "8.60", "versionStartIncluding": "8.49"}, {"criteria": "cpe:2.3:o:realtek:rtl8153_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6477CE1-4914-49CF-89E2-D0EA57FD4BC8", "versionEndExcluding": "10.50", "versionStartIncluding": "10.28"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8153:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D4516E5A-7F54-456C-8982-45FC3A90F06A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8153b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1915ED9-377D-4FF8-BC78-5CD96EF6FD22", "versionEndIncluding": "7.53", "versionStartIncluding": "7.42"}, {"criteria": "cpe:2.3:o:realtek:rtl8153b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "979193FD-DF79-4C54-9BA3-1EBB0C33ED8B", "versionEndIncluding": "8.60", "versionStartIncluding": "8.49"}, {"criteria": "cpe:2.3:o:realtek:rtl8153b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1077B900-7D08-430D-9A4B-F898321C55F5", "versionEndExcluding": "10.50", "versionStartIncluding": "10.28"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8153b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02859B5D-AA87-4349-82FE-912FE0CA4F3B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8154_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "077F57FD-037A-4E1D-8A12-E13EB264B84B", "versionEndIncluding": "7.53", "versionStartIncluding": "7.42"}, {"criteria": "cpe:2.3:o:realtek:rtl8154_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2D6DC7D-3D8C-4E34-9E31-C048FE6E46AC", "versionEndIncluding": "8.60", "versionStartIncluding": "8.49"}, {"criteria": "cpe:2.3:o:realtek:rtl8154_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "526350AE-80DA-4216-995E-EFDCDC512CBA", "versionEndExcluding": "10.50", "versionStartIncluding": "10.28"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8154:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "42FE328C-DA1C-45E1-BC6D-653B7E8C2872"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8154b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "884B1F1E-F04E-4561-A555-10A38A3FEF2A", "versionEndIncluding": "7.53", "versionStartIncluding": "7.42"}, {"criteria": "cpe:2.3:o:realtek:rtl8154b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A8C0FD6-A428-4865-9ACB-5ACC025BBD22", "versionEndIncluding": "8.60", "versionStartIncluding": "8.49"}, {"criteria": "cpe:2.3:o:realtek:rtl8154b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4537F748-6B0E-475E-8D51-07E9472E9F5B", "versionEndExcluding": "10.50", "versionStartIncluding": "10.28"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8154b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AC2E29AC-D7C3-41C7-9DBD-A433C70E125B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:realtek:rtl8152b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B22F885E-32C6-4DB6-A7E3-20DD86795ECD", "versionEndIncluding": "7.53", "versionStartIncluding": "7.42"}, {"criteria": "cpe:2.3:o:realtek:rtl8152b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99FE41B7-E38A-48A1-B412-03F06BD78715", "versionEndIncluding": "8.60", "versionStartIncluding": "8.49"}, {"criteria": "cpe:2.3:o:realtek:rtl8152b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44C96B76-8951-41FA-84FF-993F6187CAE3", "versionEndExcluding": "10.50", "versionStartIncluding": "10.28"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:realtek:rtl8152b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "794B2656-570E-4AE4-A852-E55CFC2217C7"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "twcert@cert.org.tw"}