Primary

Context

MediaTek WLAN AP Driver Uncaught Exception Leading to Information Disclosure Vulnerability

Vulnerability

Patched

A vulnerability allowing information disclosure has been identified in the MediaTek WLAN Access Point (AP) driver. This issue arises from an uncaught exception, which could result in remote (proximal/adjacent) information disclosure. The vulnerability does not require any additional execution privileges or user interaction for exploitation. It affects several chipsets, including MT7915, MT7916, MT7981, MT7986, MT7990, and MT7992, with vulnerable software versions including SDK release 7.4.0.1 (for MT7915), 7.6.7.2 (for MT7916 and MT798X), and 8.2.1.4 (for MT799X) and prior.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MediaTek WLAN AP Driver Uncaught Exception Leading to Information Disclosure Vulnerability

Vulnerability

Impact

Affected Products

MediaTek MT7915

MediaTek MT7916

MediaTek MT7981

MediaTek MT7986

MediaTek MT7990

MediaTek MT7992

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating