What the vulnerability does
01Description
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.
CVE-2022-1041
HIGH
CVE-2022-1041: Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning
CVSS base score
8.2/10
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
Key dates
02Disclosure timeline
July 26, 2022
CVE published
September 17, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-41033
CVE-2024-27339 Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2021-26562
CVE-2026-3703 Wavlink NU516U1 login.cgi sub_401A10 out-of-bounds write
CVE-2021-45068 Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
