Filtered by vendor Microchip Subscriptions
Filtered by product Miwi Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-37605 1 Microchip 1 Miwi 2024-11-21 7.5 High
In version 6.5 Microchip MiWi software and all previous versions including legacy products, the stack is validating only two out of four Message Integrity Check (MIC) bytes.
CVE-2021-37604 1 Microchip 1 Miwi 2024-11-21 7.5 High
In version 6.5 of Microchip MiWi software and all previous versions including legacy products, there is a possibility of frame counters being validated/updated prior to the message authentication. With this vulnerability in place, an attacker may increment the incoming frame counter values by injecting messages with a sufficiently large frame counter value and invalid payload. This results in denial of service/valid packets in the network. There is also a possibility of a replay attack in the stack.