MediaTek MT6890
Moderate fix1 remedy
cpe:2.3:h:mediatek:mt6890:*:*:*:*:*:*:*, +1 more
Moderate fix1 remedy
- >= MT6890, <= MT6890
MediaTek WLAN Chipsets Heap Overflow Vulnerability Allowing Privilege Escalation
Vulnerability
A heap overflow vulnerability has been identified in the WLAN access point driver of certain MediaTek chipsets. This vulnerability arises from an incorrect bounds check, leading to a possible out-of-bounds write. If exploited, it could allow a local attacker to escalate privileges, particularly if they have already obtained system privileges and the OceReducedNeighborReport feature is disabled. The vulnerability does not require user interaction for exploitation.
Impact
Exploitation of this vulnerability could lead to unauthorized privilege escalation.
Remediation
Device OEMs have been notified of this vulnerability and the corresponding security patches are available. For further information, OEMs can contact their MediaTek representative.
Added: Nov 4, 2025, 7:38 AM
Updated: Nov 4, 2025, 7:38 AM
Vulnerability Rating
Custom Algorithm
spread
8.1impact
7.5exploitability
3.0remediation
7.7relevance
0.9threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.