MediaTek MT6890
Moderate fix1 remedy
cpe:2.3:h:mediatek:mt6890:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
- <= 5.1.0.0
MediaTek WLAN AP Driver Out-of-Bounds Read Vulnerability Allowing Information Disclosure
Vulnerability
Patched
A vulnerability has been identified in the MediaTek WLAN Access Point (AP) driver, where an incorrect bounds check could lead to a possible out-of-bounds read. This vulnerability allows for local information disclosure and requires user execution privileges for exploitation. Notably, no user interaction is needed to exploit this issue. The vulnerability affects several chipsets, including MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, and MT7986. It is present in the MediaTek SDK release 7.6.7.2 and prior, as well as OpenWrt versions 19.07 and 21.02.
Impact
Exploitation of this vulnerability could result in unauthorized local access to sensitive information, potentially leading to further exploitation or privilege escalation.
Added: Jul 8, 2025, 3:28 AM
Updated: Jul 8, 2025, 3:28 AM
Vulnerability Rating
Custom Algorithm
spread
7.8impact
0.6exploitability
3.3remediation
7.7relevance
0.2threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.