Lucene search

K
cveMitreCVE-2021-37565
HistoryDec 26, 2021 - 12:15 a.m.

CVE-2021-37565

2021-12-2600:15:09
CWE-125
mitre
web.nvd.nist.gov
35
mediatek
microchips
netgear
cve-2021-37565
ieee 1905
mt7603e
mt7613
mt7615
mt7622
mt7628
mt7629
mt7915
out-of-bounds read
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

46.2%

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Affected configurations

Nvd
Node
mediatekmt7603e_firmwareMatch2.0.2
AND
mediatekmt7603eMatch-
Node
mediatekmt7613_firmwareMatch2.0.2
AND
mediatekmt7613Match-
Node
mediatekmt7615_firmwareMatch2.0.2
AND
mediatekmt7615Match-
Node
mediatekmt7622_firmwareMatch2.0.2
AND
mediatekmt7622Match-
Node
mediatekmt7628_firmwareMatch2.0.2
AND
mediatekmt7628Match-
Node
mediatekmt7629_firmwareMatch2.0.2
AND
mediatekmt7629Match-
Node
mediatekmt7915_firmwareMatch2.0.2
AND
mediatekmt7915Match-
VendorProductVersionCPE
mediatekmt7603e_firmware2.0.2cpe:2.3:o:mediatek:mt7603e_firmware:2.0.2:*:*:*:*:*:*:*
mediatekmt7603e-cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*
mediatekmt7613_firmware2.0.2cpe:2.3:o:mediatek:mt7613_firmware:2.0.2:*:*:*:*:*:*:*
mediatekmt7613-cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*
mediatekmt7615_firmware2.0.2cpe:2.3:o:mediatek:mt7615_firmware:2.0.2:*:*:*:*:*:*:*
mediatekmt7615-cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*
mediatekmt7622_firmware2.0.2cpe:2.3:o:mediatek:mt7622_firmware:2.0.2:*:*:*:*:*:*:*
mediatekmt7622-cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*
mediatekmt7628_firmware2.0.2cpe:2.3:o:mediatek:mt7628_firmware:2.0.2:*:*:*:*:*:*:*
mediatekmt7628-cpe:2.3:h:mediatek:mt7628:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 141

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

AI Score

7.6

Confidence

High

EPSS

0.001

Percentile

46.2%

Related for CVE-2021-37565