In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868.
References
Link | Resource |
---|---|
https://corp.mediatek.com/product-security-bulletin/January-2024 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
05 Jan 2024, 12:11
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mediatek mt7629
Mediatek mt7981 Mediatek mt7622 Mediatek mt6890 Mediatek mt7915 Mediatek mt7615 Mediatek Mediatek mt7612 Mediatek mt7626 Mediatek mt7613 Mediatek software Development Kit Mediatek mt7986 Mediatek mt7916 |
|
References | () https://corp.mediatek.com/product-security-bulletin/January-2024 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-330 | |
CPE | cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:* cpe:2.3:o:mediatek:software_development_kit:*:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7626:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:* |
02 Jan 2024, 13:47
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
02 Jan 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-02 03:15
Updated : 2024-01-05 12:11
NVD link : CVE-2023-32831
Mitre link : CVE-2023-32831
CVE.ORG link : CVE-2023-32831
JSON object : View
Products Affected
mediatek
- mt7916
- mt7981
- mt7613
- mt7612
- software_development_kit
- mt7629
- mt7622
- mt7626
- mt7915
- mt7986
- mt7615
- mt6890
CWE
CWE-330
Use of Insufficiently Random Values