Researchers from Top10VPN discovered that wpa_supplicant versions 2.10 and earlier are impacted by the more severe flaw, tracked as CVE-2023-52160, due to the software being used to manage wireless network login requests in Android devices. However, such an issue could only be successfully exploited by attackers with the SSID of an old Wi-Fi network used by their targets, indicating the need for physical proximity to victims, according to researchers. Meanwhile, the other issue affecting iNet Wireless Daemon versions 2.12 and earlier, tracked as CVE-2023-52161, could be utilized to target networks with wireless access points using Linux devices and expose them to business email compromise, data exfiltration, and malware attacks. Both issues have already been addressed by Ubuntu, Red Hat, Debian, and SUSE but while fixes have also been released for the wpa_supplicant flaw in ChromeOS, patches for Android are still underway.