Browse all 18 CVE security advisories affecting Microchip. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Microchip develops embedded systems and microcontrollers for industrial, automotive, and consumer applications. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and insecure default configurations. Security researchers have identified authentication bypass issues and buffer overruns in various firmware versions. While no major public incidents have been widely reported, the 18 documented CVEs highlight ongoing security concerns in their embedded products, particularly in legacy devices where patching may be challenging. Their security posture reflects common embedded system vulnerabilities, emphasizing the need for robust firmware updates and secure coding practices in IoT and industrial control environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-43683 | Improper verification of the Host header in TimeProvider 4100 — TimeProvider 4100CWE-601 | 6.1 | - | 2024-10-04 |
| CVE-2024-43684 | Cross-Site Request Forgery vulnerability in TimeProvider 4100 — TimeProvider 4100CWE-352 | 7.1 | - | 2024-10-04 |
| CVE-2024-43685 | Session token fixation in TimeProvider 4100 — TimeProvider 4100CWE-613 | 8.8 | - | 2024-10-04 |
| CVE-2024-43686 | Reflected XSS in TimeProvider 4100 chart component — TimeProvider 4100CWE-79 | 6.1 | - | 2024-10-04 |
| CVE-2024-9054 | Remote code Execution inTimeProvider® 4100 — TimeProvider 4100CWE-78 | 8.8 | - | 2024-10-04 |
| CVE-2024-43687 | XSS vulnerability in bannerconfig endpoint in TimeProvider 4100 — TimeProvider 4100CWE-79 | 6.1 | - | 2024-10-04 |
| CVE-2024-7801 | SQL injection in get_chart_data in TimeProvider 4100 — TimeProvider 4100CWE-89 | 9.8 | - | 2024-10-04 |
This page lists every published CVE security advisory associated with Microchip. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.