CRITICALπŸ‡΅πŸ‡± Wersja polska

CVE-2025-20683

CVSS 9.8v3.1pub. 2025-07-08upd. 2025-07-09

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416938; Issue ID: MSV-3444.

πŸ€– AI Analysis
How it works

The error consists of an incorrect bounds check during data writing in the WLAN AP driver, which leads to writing data outside the designated memory area (CWE-787: out of bounds write). The vulnerability can be exploited by a local user with user-level privileges (User execution privileges), without requiring any interaction from the victim.

Impact

An attacker can obtain local privilege escalation, potentially taking control of the device at the system level. Due to the critical CVSS score (9.8), the consequences include complete violation of system confidentiality, integrity, and availability.

Mitigation & patch

Security patches available from the manufacturer should be applied according to the references (Patch ID: WCNCR00416938; Issue ID: MSV-3444). Detailed information about patched versions is available in the MediaTek security bulletin from July 2025: https://corp.mediatek.com/product-security-bulletin/July-2025

Who is affected

MediaTek chipsets: MT7915, MT7916, MT7615, MT7981 and OpenWrt software. Detailed software versions are indicated in the manufacturer's references.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Mediatek Mt6890

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt7615

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt7622

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt7663

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt7915

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt7916

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt7981

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt7986

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Software Development Kit

    APP
    Mediatek
    ≀ 7.6.7.2
  • Openwrt

    OS
    Openwrt
    19.07.021.02.0
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-30872CRITICAL9.5PL βœ“ten sam produkt

Stack-based Buffer Overflow w mdns daemon OpenWrt β€” moΕΌliwy RCE

CVE-2026-30871CRITICAL9.5PL βœ“ten sam produkt

Stack-based Buffer Overflow w demonie mdns OpenWrt β€” przepeΕ‚nienie stosu przez PTR query

CVE-2025-20681CRITICAL9.8PL βœ“ten sam produkt

Out-of-bounds write w sterowniku WLAN AP MediaTek – privilege escalation

CVE-2025-20682CRITICAL9.8PL βœ“ten sam produkt

Out-of-bounds write w sterowniku WLAN AP MediaTek β€” privilege escalation

CVE-2025-20684CRITICAL9.8PL βœ“ten sam produkt

Out-of-bounds write w sterowniku WLAN AP MediaTek β€” privilege escalation

CVE-2025-20683 β€” Mediatek β€” Mt6890 β€” CRITICAL β€” CVSS 9.8 | CVEbaza.pl