Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-32467

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).

Published

2021-12-26T00:15:09.050

Last Modified

2024-11-21T06:07:05.550

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-125
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System mediatek mt7603e_firmware 7.4.0.0 Yes
Hardware mediatek mt7603e - No
Operating System mediatek mt7612_firmware 7.4.0.0 Yes
Hardware mediatek mt7612 - No
Operating System mediatek mt7613_firmware 7.4.0.0 Yes
Hardware mediatek mt7613 - No
Operating System mediatek mt7615_firmware 7.4.0.0 Yes
Hardware mediatek mt7615 - No
Operating System mediatek mt7622_firmware 7.4.0.0 Yes
Hardware mediatek mt7622 - No
Operating System mediatek mt7628_firmware 7.4.0.0 Yes
Hardware mediatek mt7628 - No
Operating System mediatek mt7629_firmware 7.4.0.0 Yes
Hardware mediatek mt7629 - No
Operating System mediatek mt7915_firmware 7.4.0.0 Yes
Hardware mediatek mt7915 - No
Operating System mediatek mt7620_firmware 7.4.0.0 Yes
Hardware mediatek mt7620 - No
References