Primary

Context

MediaTek WLAN AP Driver Arbitrary Packet Injection Vulnerability Allowing Remote Privilege Escalation

Vulnerability

A vulnerability in the MediaTek WLAN Access Point (AP) driver allows for the injection of arbitrary packets. This issue arises from a missing permission check, which could lead to remote privilege escalation without requiring additional execution privileges. Exploitation of this vulnerability does not need user interaction.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation on the affected system.

Remediation

Users can apply the patch identified by Patch ID WCNCR00413202 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MediaTek WLAN AP Driver Arbitrary Packet Injection Vulnerability Allowing Remote Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating