← Back to CVEs
CVE-2022-35624
HIGH8.2
Description
In Nordic nRF5 SDK for Mesh 5.0, a heap overflow vulnerability can be triggered by sending a series of segmented packets with SegO > SegN
CVE Details
CVSS v3.1 Score8.2
SeverityHIGH
CVSS VectorCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
Attack VectorADJACENT_NETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published8/15/2022
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
nordicsemi:nrf5_sdk_for_mesh
Weaknesses (CWE)
CWE-787
References
https://docs.google.com/document/d/1BrgB1bQiL-cMXQGaXJWSSyaZY51Zxomp/edit?usp=sharing&ouid=112184420235437308950&rtpof=true&sd=true(cve@mitre.org)
https://docs.google.com/document/d/1BrgB1bQiL-cMXQGaXJWSSyaZY51Zxomp/edit?usp=sharing&ouid=112184420235437308950&rtpof=true&sd=true(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.