JFrog's security research team conducted a supply chain security assessment, uncovering six significant vulnerabilities in Realtek's RTL8195A Wi-Fi module, commonly used in embedded devices across various industries. These vulnerabilities, which can be exploited for remote root access and potentially allow attackers to control wireless communications, affect the WPA2 handshake mechanism and include stack overflow and out-of-bounds read issues. The most critical vulnerability, VD-1406, permits remote takeover of the module without requiring Wi-Fi network credentials. Realtek has issued a security bulletin and CVE for VD-1406, and patches are available for all identified issues. Despite the potential for remote code execution and denial of service attacks, mitigation is possible through firmware updates and utilizing strong WPA2 passphrases.