CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-32831
https://notcve.org/view.php?id=CVE-2023-32831
02 Jan 2024 — In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868. En el controlador WLAN, existe una posible vulneración del PIN debido al uso de valores insuficientemente aleatorios. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-330: Use of Insufficiently Random Values •
CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 0CVE-2022-32664
https://notcve.org/view.php?id=CVE-2022-32664
03 Jan 2023 — In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Patch ID: A20220004; Issue ID: OSBNB00140929. En Config Manager, existe una posible inyección de comando debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 2%CPEs: 4EXPL: 0CVE-2022-32665
https://notcve.org/view.php?id=CVE-2022-32665
03 Jan 2023 — In Boa, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20220026; Issue ID: OSBNB00144124. En Boa, existe una posible inyección de comando debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/January-2023 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30636
https://notcve.org/view.php?id=CVE-2021-30636
24 Jan 2022 — In MediaTek LinkIt SDK before 4.6.1, there is a possible memory corruption due to an integer overflow during mishandled memory allocation by pvPortCalloc and pvPortRealloc. En MediaTek LinkIt SDK versiones anteriores a 4.6.1, se presenta una posible corrupción de memoria debido a un desbordamiento de enteros durante la asignación de memoria manejada inapropiadamente por pvPortCalloc y pvPortRealloc • https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •