CVE-2021-37604

7.5 HIGH

📋 TL;DR

This vulnerability in Microchip MiWi software allows attackers to manipulate frame counters before message authentication, potentially causing denial of service by blocking valid packets or enabling replay attacks. It affects all versions up to and including 6.5, impacting wireless networks that use the MiWi protocol for sub-GHz communication.

💻 Affected Systems

Products:
  • Microchip MiWi software
  • Devices using MiWi protocol for wireless communication
  • SAM devices using Advanced Software Framework
Versions: All versions up to and including 6.5, including legacy products
Operating Systems: Embedded systems, IoT devices
Default Config Vulnerable: ⚠️ Yes
Notes: Affects wireless networks using MiWi protocol for sub-GHz communication; vulnerability exists in the protocol stack implementation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete network disruption through sustained denial of service, allowing replay attacks that could compromise network integrity and enable unauthorized actions.

🟠 Likely Case

Intermittent packet loss and network instability, with potential for targeted disruption of specific devices or communication channels.

🟢 If Mitigated

Minimal impact with proper network segmentation and monitoring, though some performance degradation may occur during attack attempts.

🌐 Internet-Facing: MEDIUM - While the protocol is typically used in internal networks, IoT devices with internet exposure could be targeted if accessible.
🏢 Internal Only: HIGH - Wireless networks using MiWi are vulnerable to internal attackers or compromised devices within radio range.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires wireless access to the network and understanding of the MiWi protocol, but no authentication is needed once in range.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 3.50.0.100 of Advanced Software Framework (ASF)

Vendor Advisory: https://www.microchip.com/en-us/products/wireless-connectivity/software-vulnerability-response/miwi-software-vulnerability

Restart Required: Yes

Instructions:

1. Download ASF version 3.50.0.100 from Microchip website.
2. Replace existing MiWi software components.
3. Recompile and redeploy firmware to affected devices.
4. Restart devices to apply changes.

🔧 Temporary Workarounds

Network segmentation

all

Isolate MiWi networks from critical infrastructure and implement strict access controls

Frame counter monitoring

all

Implement monitoring for abnormal frame counter jumps or rapid increments

🧯 If You Can't Patch

  • Implement network monitoring to detect abnormal frame counter patterns and potential replay attempts
  • Use additional encryption layers or VPN tunnels for critical MiWi communications

🔍 How to Verify

Check if Vulnerable:

Check MiWi software version; if version is 6.5 or earlier, the system is vulnerable. Review device firmware version against Microchip advisories.

Check Version:

Check device firmware documentation or use vendor-specific commands for embedded systems (varies by implementation)

Verify Fix Applied:

Verify ASF version is 3.50.0.100 or later, and confirm MiWi protocol implementation has been updated. Test network for proper frame counter validation.
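
What "proper frame counter validation" means in a receive path, as an added sketch that is not Microchip's code and not part of the original advisory: the counter is committed only after the integrity tag verifies. The frame layout, the key, the function names and the `toy_mic` stand-in are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed frame layout for illustration; not the MiWi wire format. */
typedef struct { uint32_t counter; uint8_t payload[4]; uint32_t mic; } frame_t;
typedef struct { uint32_t last_counter; } peer_t;

/* Stand-in keyed tag so the sketch runs; NOT cryptographic, a real stack uses a proper MIC. */
static uint32_t toy_mic(uint32_t key, const frame_t *f) {
    uint32_t h = key ^ f->counter;
    for (size_t i = 0; i < sizeof f->payload; i++)
        h = (h ^ f->payload[i]) * 16777619u;
    return h;
}

/* Flawed ordering: counter state is committed before the tag is checked. */
bool rx_counter_first(peer_t *p, uint32_t key, const frame_t *f) {
    if (f->counter <= p->last_counter) return false;
    p->last_counter = f->counter;              /* unauthenticated input changes state */
    return toy_mic(key, f) == f->mic;
}

/* Hardened ordering: freshness check, then authentication, then commit. */
bool rx_auth_first(peer_t *p, uint32_t key, const frame_t *f) {
    if (f->counter <= p->last_counter) return false;  /* stale or replayed frame */
    if (toy_mic(key, f) != f->mic) return false;      /* rejected, state untouched */
    p->last_counter = f->counter;
    return true;
}

/* Feed one unauthenticated high-counter frame, then report whether a genuine frame still passes. */
bool genuine_survives(bool (*rx)(peer_t *, uint32_t, const frame_t *)) {
    const uint32_t key = 0xC0FFEEu;                    /* constructed key */
    peer_t peer = { .last_counter = 10 };
    frame_t bogus = { .counter = 0xFFFFFFF0u, .payload = {0}, .mic = 0 };
    frame_t good  = { .counter = 11, .payload = {1, 2, 3, 4}, .mic = 0 };
    good.mic = toy_mic(key, &good);
    rx(&peer, key, &bogus);
    return rx(&peer, key, &good);
}

int main(void) {
    printf("counter-first: %d, auth-first: %d\n",
           genuine_survives(rx_counter_first), genuine_survives(rx_auth_first));
    return 0;
}
```

A regression test for patched firmware can follow the same shape: after a frame that fails authentication, the stored counter for that peer must be unchanged.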

📡 Detection & Monitoring

Log Indicators:

  • Unusual frame counter increments
  • Repeated authentication failures
  • Abnormal packet rejection patterns

Network Indicators:

  • Sudden increase in invalid packets
  • Unusual traffic patterns in MiWi frequency bands
  • Replayed packets with identical content

SIEM Query:

source="miwi_wireless" AND (event_type="frame_counter_anomaly" OR auth_failure_count > threshold)
