Primary

Context

MediaTek WLAN AP Driver Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in the MediaTek WLAN Access Point (AP) driver. This issue arises from an incorrect bounds check, leading to a possible out-of-bounds write. The vulnerability allows for remote (proximal/adjacent) escalation of privilege without requiring additional execution privileges or user interaction. Affected chipsets include MT6890, MT7915, MT7916, MT7981, and MT7986.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing a user to gain elevated rights or access within the system.

Remediation

Device OEMs have been notified of this vulnerability and the corresponding security patches are available. For further information, OEMs can contact their MediaTek representative.

Added: Oct 14, 2025, 10:36 AM

Updated: Oct 14, 2025, 2:33 PM

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

5.0

exploitability

4.9

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

5.0

exploitability

4.9

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MediaTek WLAN AP Driver Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

MediaTek MT6890

MediaTek MT7915

MediaTek MT7916

MediaTek MT7981

MediaTek MT7986

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating