Primary

Context

MediaTek WLAN Driver Heap Overflow Vulnerability Allowing Privilege Escalation

Vulnerability

A heap overflow vulnerability has been identified in the WLAN STA driver of certain MediaTek chipsets. This vulnerability arises from an incorrect bounds check, leading to a possible out-of-bounds write. Exploitation of this vulnerability could allow for local escalation of privileges, with user execution rights required. Notably, no user interaction is needed for exploitation.

Impact

Exploitation of this vulnerability could result in a heap overflow, allowing for memory corruption and potential arbitrary code execution with elevated privileges.

Added: Nov 4, 2025, 7:41 AM

Updated: Nov 4, 2025, 7:41 AM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

3.3

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

3.3

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MediaTek WLAN Driver Heap Overflow Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Affected Products

MediaTek MT7902

MediaTek MT7920

MediaTek MT7921

MediaTek MT7922

MediaTek MT7925

MediaTek MT7927

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating