CVE-2025-20734

Published Nov 4, 2025

Last updated 13 days ago

CVSS medium 5.3

Overview

Description: In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441507; Issue ID: MSV-4112.
Source: security@mediatek.com
NVD status: Modified
Products: software_development_kit, openwrt

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.3
Impact score: 3.4
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Severity: MEDIUM

Weaknesses

security@mediatek.com: CWE-122
nvd@nist.gov: CWE-787

Hype score: Not currently trending

CVE-2025-20734 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has… https://t.co/jALxWxwmYf
@CVEnew
4 Nov 2025
302 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "0DD86CC1-BD46-42D2-9112-190CCAC96B30",
            "versionEndIncluding": "7.6.7.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "05748BB1-0D48-4097-932E-E8E2E574FD8D",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "55EB4B27-6264-45BE-9A22-BE8418BB0C06",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7663:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "10C79211-F064-499D-914E-0BACD038FBF4",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "3AB22996-9C22-4B6C-9E94-E4C055D16335",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "DD5AA441-5381-4179-89EB-1642120F72B4",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "490CD97B-021F-4350-AEE7-A2FA866D5889",
            "vulnerable": false
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "40A9E917-4B34-403F-B512-09EEBEA46811",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References