CVE-2020-28592 and CVE-2020-28593 are remote code execution vulnerabilities that could allow an attacker to remotely inject code into the device to change temperatures, cooking times, and settings.