CVE-2023-32831
https://notcve.org/view.php?id=CVE-2023-32831
In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868. En el controlador WLAN, existe una posible vulneración del PIN debido al uso de valores insuficientemente aleatorios. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-330: Use of Insufficiently Random Values •
CVE-2023-20820
https://notcve.org/view.php?id=CVE-2023-20820
In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189. En wlan service, se presenta una posible inyección de comando debido a una comprobación de entrada inapropiada. • https://corp.mediatek.com/product-security-bulletin/September-2023 •