CVE-2025-20654

Critical CVSS: 9.8

In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406897; Issue ID: MSV-2875.

Vendor

Mediatek

Product

Software Development Kit

CWE

CWE-787

Yayın Tarihi

2025-04-07 04:15:19

Güncelleme

2025-04-09 15:46:21

Source Identifier

security@mediatek.com

KEV Date Added

Kategoriler

CWE-787 Software Development Kit CRITICAL Mediatek 2025

Referanslar

https://corp.mediatek.com/product-security-bulletin/April-2025

Benzer Kayıtlar

Medium

CVE-2026-20446

In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of serv…

High

CVE-2026-20430

In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (prox…

High

CVE-2026-20434

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of…

Medium

CVE-2026-20436

In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local…

High

CVE-2026-20423

In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local esca…

Medium

CVE-2026-20420

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service,…