CRITICAL🇵🇱 Wersja polska

CVE-2025-20684

CVSS 9.8v3.1pub. 2025-07-08upd. 2025-07-09

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416939; Issue ID: MSV-3422.

🤖 AI Analysis
How it works

The WLAN AP (Access Point) driver contains an incorrect bounds check, which leads to writing outside the allocated memory area (out of bounds write — CWE-787). An attacker with regular user privileges (User execution privileges) can trigger this vulnerability without requiring victim interaction. The result is the possibility of local privilege escalation on the vulnerable device.

Impact

An attacker can obtain higher system privileges than they are entitled to, which in practice may mean full control over the vulnerable device, including access to sensitive data, system modification, and disruption of its operation.

Mitigation & patch

Apply patch with identifier WCNCR00416939 (Issue ID: MSV-3422) according to the MediaTek security bulletin guidelines from July 2025, available at https://corp.mediatek.com/product-security-bulletin/July-2025. OEM device manufacturers using the mentioned chipsets should immediately implement the firmware update.

Who is affected

Devices equipped with MediaTek MT7615, MT7622, MT7663 chipsets and products using MediaTek Software Development Kit (SDK) with the vulnerable WLAN AP driver — specific versions indicated in manufacturer references (MediaTek security bulletin, July 2025).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Mediatek Mt7615

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt7622

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt7663

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Software Development Kit

    APP
    Mediatek
    ≤ 5.1.0.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-20683CRITICAL9.8PL ✓ten sam produkt

Out of bounds write w sterowniku wlan AP — eskalacja uprawnień na układach MediaTek

CVE-2025-20681CRITICAL9.8PL ✓ten sam produkt

Out-of-bounds write w sterowniku WLAN AP MediaTek – privilege escalation

CVE-2025-20682CRITICAL9.8PL ✓ten sam produkt

Out-of-bounds write w sterowniku WLAN AP MediaTek — privilege escalation

CVE-2025-20674CRITICAL9.8PL ✓ten sam produkt

Brak weryfikacji uprawnień w sterowniku WLAN AP MediaTek — zdalne eskalowanie przywilejów

CVE-2025-20654CRITICAL9.8PL ✓ten sam produkt

RCE w usłudze WLAN MediaTek — błędne sprawdzenie granic zapisu (out of bounds write)