- Description
- In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406897; Issue ID: MSV-2875.
- Source
- security@mediatek.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- Hype score
- Not currently trending
MediaTek's April 2025 Security Bulletin reveals critical WLAN vulnerabilities (CVE-2025-20654) in chipsets, risking remote code execution. Urgent patches needed for device safety. ⚠️📱 #MediaTek #RemoteExecution #USA link: https://t.co/gdUq0CtOX6 https://t.co/YcB98yCxIr
@TweetThreatNews
8 Apr 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20654 Out-of-Bounds Write in WLAN Service Enables Remote Code Execution Without Authentication https://t.co/UB5FyRIs9t
@VulmonFeeds
7 Apr 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20654 In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privi… https://t.co/zcFJWQZO9z
@CVEnew
7 Apr 2025
438 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C3A1278-7DC1-4E66-8F57-4B585A4838ED",
"versionEndIncluding": "7.4.0.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55EB4B27-6264-45BE-9A22-BE8418BB0C06"
},
{
"criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "521ABF30-6B3D-466F-83D4-E2C4297E27C7",
"versionEndIncluding": "7.6.7.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335"
},
{
"criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4"
},
{
"criteria": "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "490CD97B-021F-4350-AEE7-A2FA866D5889"
},
{
"criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A"
},
{
"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]