CVE-2025-20741

Published Nov 4, 2025

Last updated 7 months ago

CVSS medium 6.7
MediaTek, Inc

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-20741 describes a vulnerability found in the WLAN AP driver, attributed to MediaTek, Inc. This flaw is characterized as a possible out-of-bounds write, stemming from an incorrect bounds check within the driver's code. Exploitation of this vulnerability could potentially lead to a local escalation of privilege. This scenario would occur if a malicious actor has already obtained System privilege on the affected system. User interaction is not required for the exploitation of this issue.

Description
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00434422; Issue ID: MSV-3958.
Source
security@mediatek.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.7
Impact score
5.9
Exploitability score
0.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
MEDIUM

Weaknesses

security@mediatek.com
CWE-122

Social media

Hype score
Not currently trending

  1. New post is up! This one uses CVE-2025-20741 (a heap overflow in the MediaTek MT76xx driver) to show how a bit of kernel alchemy can turn a heap OOB write into a number of stronger exploit primitives, up to page-level r/w via pipe_buffer corruption :) https://t.co/rA7nKZex5U

    @hyprdude

    3 Apr 2026

    15411 Impressions

    80 Retweets

    281 Likes

    181 Bookmarks

    1 Reply

    0 Quotes

  2. CVE-2025-20741 Local Privilege Escalation in WLAN AP Driver via Out-of-Bounds Write https://t.co/hoGbIaoVXn Vulnerability Notification: https://t.co/xhLrNnfyrO

    @VulmonFeeds

    4 Nov 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-20741 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has… https://t.co/cPDcjeX5ak

    @CVEnew

    4 Nov 2025

    266 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.