CVE-2021-37572
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).
Los microchips de MediaTek, usados en los dispositivos NETGEAR versiones hasta 11-11-2021 y en otros dispositivos, manejan inapropiadamente los protocolos IEEE 1905. (Chipsets afectados MT7603E, MT7613, MT7615, MT7622, ??MT7628, MT7629, MT7915; Versiones de software afectadas 2.0.2; Falta la autorizaciĆ³n).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-07-26 CVE Reserved
- 2021-12-25 CVE Published
- 2024-08-04 CVE Updated
- 2024-09-09 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-862: Missing Authorization
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://kb.netgear.com/000064368/Security-Advisory-for-WiFi-WPS-and-IEEE-1905-Vulnerabilities-on-Multiple-Products-PSV-2021-0298-PSV-2021-0300 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://corp.mediatek.com/product-security-bulletin/January-2022 | 2022-01-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mediatek Search vendor "Mediatek" | Mt7603e Firmware Search vendor "Mediatek" for product "Mt7603e Firmware" | 2.0.2 Search vendor "Mediatek" for product "Mt7603e Firmware" and version "2.0.2" | - |
Affected
| in | Mediatek Search vendor "Mediatek" | Mt7603e Search vendor "Mediatek" for product "Mt7603e" | - | - |
Safe
|
| Mediatek Search vendor "Mediatek" | Mt7613 Firmware Search vendor "Mediatek" for product "Mt7613 Firmware" | 2.0.2 Search vendor "Mediatek" for product "Mt7613 Firmware" and version "2.0.2" | - |
Affected
| in | Mediatek Search vendor "Mediatek" | Mt7613 Search vendor "Mediatek" for product "Mt7613" | - | - |
Safe
|
| Mediatek Search vendor "Mediatek" | Mt7615 Firmware Search vendor "Mediatek" for product "Mt7615 Firmware" | 2.0.2 Search vendor "Mediatek" for product "Mt7615 Firmware" and version "2.0.2" | - |
Affected
| in | Mediatek Search vendor "Mediatek" | Mt7615 Search vendor "Mediatek" for product "Mt7615" | - | - |
Safe
|
| Mediatek Search vendor "Mediatek" | Mt7622 Firmware Search vendor "Mediatek" for product "Mt7622 Firmware" | 2.0.2 Search vendor "Mediatek" for product "Mt7622 Firmware" and version "2.0.2" | - |
Affected
| in | Mediatek Search vendor "Mediatek" | Mt7622 Search vendor "Mediatek" for product "Mt7622" | - | - |
Safe
|
| Mediatek Search vendor "Mediatek" | Mt7628 Firmware Search vendor "Mediatek" for product "Mt7628 Firmware" | 2.0.2 Search vendor "Mediatek" for product "Mt7628 Firmware" and version "2.0.2" | - |
Affected
| in | Mediatek Search vendor "Mediatek" | Mt7628 Search vendor "Mediatek" for product "Mt7628" | - | - |
Safe
|
| Mediatek Search vendor "Mediatek" | Mt7629 Firmware Search vendor "Mediatek" for product "Mt7629 Firmware" | 2.0.2 Search vendor "Mediatek" for product "Mt7629 Firmware" and version "2.0.2" | - |
Affected
| in | Mediatek Search vendor "Mediatek" | Mt7629 Search vendor "Mediatek" for product "Mt7629" | - | - |
Safe
|
| Mediatek Search vendor "Mediatek" | Mt7915 Firmware Search vendor "Mediatek" for product "Mt7915 Firmware" | 2.0.2 Search vendor "Mediatek" for product "Mt7915 Firmware" and version "2.0.2" | - |
Affected
| in | Mediatek Search vendor "Mediatek" | Mt7915 Search vendor "Mediatek" for product "Mt7915" | - | - |
Safe
|