CVE-2022-35623 HIGH

CVE-2022-35623

Vendor N/A
Product n/a
Published August 15, 2022
Last update August 3, 2024

CVSS base score

8.2/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AC:L/AV:A/A:L/C:H/I:L/PR:L/S:C/UI:N

What the vulnerability does

01Description

In Nordic nRF5 SDK for Mesh 5.0, a heap overflow vulnerability can be triggered by sending a series of segmented control packets and access packets with the same SeqAuth

Key dates

02Disclosure timeline

August 15, 2022 CVE published
August 3, 2024 Record updated