// For flags

CVE-2021-35055

 

Severity Score

8.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write).

Los microchips de MediaTek, usados en dispositivos NETGEAR versiones hasta 11-11-2021 y otros dispositivos, manejan inapropiadamente el protocolo WPS (Wi-Fi Protected Setup). (Chipsets afectados MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 7.4.0.0; Escritura fuera de lĂ­mites).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
Low
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
Low
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-06-21 CVE Reserved
  • 2021-12-25 CVE Published
  • 2024-08-04 CVE Updated
  • 2024-09-09 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mediatek
Search vendor "Mediatek"
Mt7603e Firmware
Search vendor "Mediatek" for product "Mt7603e Firmware"
7.4.0.0
Search vendor "Mediatek" for product "Mt7603e Firmware" and version "7.4.0.0"
-
Affected
in Mediatek
Search vendor "Mediatek"
Mt7603e
Search vendor "Mediatek" for product "Mt7603e"
--
Safe
Mediatek
Search vendor "Mediatek"
Mt7612 Firmware
Search vendor "Mediatek" for product "Mt7612 Firmware"
7.4.0.0
Search vendor "Mediatek" for product "Mt7612 Firmware" and version "7.4.0.0"
-
Affected
in Mediatek
Search vendor "Mediatek"
Mt7612
Search vendor "Mediatek" for product "Mt7612"
--
Safe
Mediatek
Search vendor "Mediatek"
Mt7613 Firmware
Search vendor "Mediatek" for product "Mt7613 Firmware"
7.4.0.0
Search vendor "Mediatek" for product "Mt7613 Firmware" and version "7.4.0.0"
-
Affected
in Mediatek
Search vendor "Mediatek"
Mt7613
Search vendor "Mediatek" for product "Mt7613"
--
Safe
Mediatek
Search vendor "Mediatek"
Mt7615 Firmware
Search vendor "Mediatek" for product "Mt7615 Firmware"
7.4.0.0
Search vendor "Mediatek" for product "Mt7615 Firmware" and version "7.4.0.0"
-
Affected
in Mediatek
Search vendor "Mediatek"
Mt7615
Search vendor "Mediatek" for product "Mt7615"
--
Safe
Mediatek
Search vendor "Mediatek"
Mt7622 Firmware
Search vendor "Mediatek" for product "Mt7622 Firmware"
7.4.0.0
Search vendor "Mediatek" for product "Mt7622 Firmware" and version "7.4.0.0"
-
Affected
in Mediatek
Search vendor "Mediatek"
Mt7622
Search vendor "Mediatek" for product "Mt7622"
--
Safe
Mediatek
Search vendor "Mediatek"
Mt7628 Firmware
Search vendor "Mediatek" for product "Mt7628 Firmware"
7.4.0.0
Search vendor "Mediatek" for product "Mt7628 Firmware" and version "7.4.0.0"
-
Affected
in Mediatek
Search vendor "Mediatek"
Mt7628
Search vendor "Mediatek" for product "Mt7628"
--
Safe
Mediatek
Search vendor "Mediatek"
Mt7629 Firmware
Search vendor "Mediatek" for product "Mt7629 Firmware"
7.4.0.0
Search vendor "Mediatek" for product "Mt7629 Firmware" and version "7.4.0.0"
-
Affected
in Mediatek
Search vendor "Mediatek"
Mt7629
Search vendor "Mediatek" for product "Mt7629"
--
Safe
Mediatek
Search vendor "Mediatek"
Mt7915 Firmware
Search vendor "Mediatek" for product "Mt7915 Firmware"
7.4.0.0
Search vendor "Mediatek" for product "Mt7915 Firmware" and version "7.4.0.0"
-
Affected
in Mediatek
Search vendor "Mediatek"
Mt7915
Search vendor "Mediatek" for product "Mt7915"
--
Safe
Mediatek
Search vendor "Mediatek"
Mt7620 Firmware
Search vendor "Mediatek" for product "Mt7620 Firmware"
7.4.0.0
Search vendor "Mediatek" for product "Mt7620 Firmware" and version "7.4.0.0"
-
Affected
in Mediatek
Search vendor "Mediatek"
Mt7620
Search vendor "Mediatek" for product "Mt7620"
--
Safe
Mediatek
Search vendor "Mediatek"
Mt7610 Firmware
Search vendor "Mediatek" for product "Mt7610 Firmware"
7.4.0.0
Search vendor "Mediatek" for product "Mt7610 Firmware" and version "7.4.0.0"
-
Affected
in Mediatek
Search vendor "Mediatek"
Mt7610
Search vendor "Mediatek" for product "Mt7610"
--
Safe