Описание
In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.6.7.1 (включая)
Одновременно
cpe:2.3:o:mediatek:software_development_kit:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7626:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7629:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.0004
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-330
CWE-330
Связанные уязвимости
CVSS3: 5.5
github
около 2 лет назад
In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868.
EPSS
Процентиль: 12%
0.0004
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-330
CWE-330