So am I to understand that from an OpSec perspective, connecting a machine to a known compromised system, is ok to do, “because you want internet”?
Maybe because I’m not opsec and don’t know my ass from a hole in the ground, but my security recommendation would be, no, do not purposely connect your machine to a known compromised system regardless of its advertised purpose, attack vectors, attack surface, probability of unwanted exploitation, or justification as to why it’s necessary to do so, because you’re exposing yourself, and possibly corporate machine and network, to compromise. Find a trusted system (aka audited and considered reasonably low risk while acknowledging no system can ever be deemed fully secure and trust, or zero trust is a large determining factor) and consider the compromised machine as not existing at all, therefore not being an option at all, because connecting to it would go against common sense and 8th graders practice better security habits
A WiFi access point has far less capability to hack its clients than a baseband firmware on an LTE modem with direct memory access to the host.
This is basic opsec stuff. If you’re interested it is a cool rabbit hole to go down just to see how insecure standard systems are.