Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32831

In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868.

Published

2024-01-02T03:15:07.720

Last Modified

2025-06-18T15:15:21.070

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-330
Type: Secondary
CWE-330

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	mediatek	software_development_kit	≤ 7.6.7.1	Yes
Hardware	mediatek	mt6890	-	No
Hardware	mediatek	mt7612	-	No
Hardware	mediatek	mt7613	-	No
Hardware	mediatek	mt7615	-	No
Hardware	mediatek	mt7622	-	No
Hardware	mediatek	mt7626	-	No
Hardware	mediatek	mt7629	-	No
Hardware	mediatek	mt7915	-	No
Hardware	mediatek	mt7916	-	No
Hardware	mediatek	mt7981	-	No
Hardware	mediatek	mt7986	-	No

References

https://corp.mediatek.com/product-security-bulletin/January-2024 Vendor Advisory ([email protected])
https://corp.mediatek.com/product-security-bulletin/January-2024 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)