In wlan STA driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00465314; Issue ID: MSV-4956.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HMediatek Mt7902
HWMediatekwszystkie wersjeMediatek Mt7920
HWMediatekwszystkie wersjeMediatek Mt7921
HWMediatekwszystkie wersjeMediatek Mt7922
HWMediatekwszystkie wersjeMediatek Mt7925
HWMediatekwszystkie wersjeMediatek Mt7927
HWMediatekwszystkie wersjeMediatek Nbiot Sdk
APPMediatek≤ 3.8
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2026-20407CRITICAL9.3PL ✓ten sam produkt
Privilege escalation w sterowniku WLAN STA MediaTek — brak bounds check
CVE-2025-20680CRITICAL9.8PL ✓ten sam produkt
MediaTek Bluetooth – heap buffer overflow umożliwiający privilege escalation
CVE-2025-20672CRITICAL9.8PL ✓ten sam produkt
Przepełnienie bufora sterty w sterowniku Bluetooth — MediaTek MT79xx
CVE-2024-20148CRITICAL9.8PL ✓ten sam produkt
Out-of-bounds write w WLAN STA FW MediaTek — zdalne RCE
CVE-2024-20101CRITICAL9.8PL ✓ten sam produkt
MediaTek WLAN Driver — błąd zapisu poza buforem umożliwiający RCE