39 results (0.044 seconds)

CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0

In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868. En el controlador WLAN, existe una posible vulneración del PIN debido al uso de valores insuficientemente aleatorios. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-330: Use of Insufficiently Random Values •

CVSS: 7.2EPSS: 0%CPEs: 15EXPL: 0

In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189. En wlan service, se presenta una posible inyección de comando debido a una comprobación de entrada inapropiada. • https://corp.mediatek.com/product-security-bulletin/September-2023 •

CVSS: 7.5EPSS: 0%CPEs: 33EXPL: 0

In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014. • https://corp.mediatek.com/product-security-bulletin/July-2023 •

CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0

In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035. • https://corp.mediatek.com/product-security-bulletin/February-2023 •

CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0

In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028. • https://corp.mediatek.com/product-security-bulletin/February-2023 • CWE-755: Improper Handling of Exceptional Conditions •