In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868.
References
Link | Resource |
---|---|
https://corp.mediatek.com/product-security-bulletin/January-2024 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
05 Jan 2024, 12:11
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mediatek mt6890
Mediatek mt7622 Mediatek mt7612 Mediatek mt7981 Mediatek mt7626 Mediatek mt7629 Mediatek Mediatek mt7916 Mediatek software Development Kit Mediatek mt7613 Mediatek mt7615 Mediatek mt7986 Mediatek mt7915 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CPE | cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:* cpe:2.3:o:mediatek:software_development_kit:*:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7626:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:* |
|
References | () https://corp.mediatek.com/product-security-bulletin/January-2024 - Vendor Advisory | |
CWE | CWE-330 |
02 Jan 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-02 03:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-32831
Mitre link : CVE-2023-32831
CVE.ORG link : CVE-2023-32831
JSON object : View
Products Affected
mediatek
- software_development_kit
- mt7916
- mt7613
- mt6890
- mt7981
- mt7626
- mt7986
- mt7629
- mt7915
- mt7622
- mt7612
- mt7615
CWE
CWE-330
Use of Insufficiently Random Values