Primary

Context

MediaTek WLAN Heap Overflow Vulnerability Allowing Privilege Escalation

Vulnerability

A heap overflow vulnerability has been identified in the WLAN access point driver of certain MediaTek chipsets. This vulnerability arises from an incorrect bounds check, leading to a possible out-of-bounds write. If exploited, it could allow a malicious actor with system privileges to escalate privileges further. The issue does not require user interaction for exploitation.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation.

Added: Nov 4, 2025, 7:29 AM

Updated: Nov 4, 2025, 2:32 PM

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

7.5

exploitability

3.0

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

7.5

exploitability

3.0

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MediaTek WLAN Heap Overflow Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Affected Products

MediaTek MT6890

MediaTek MT7615

MediaTek MT7622

MediaTek MT7663

MediaTek MT7915

MediaTek MT7916

MediaTek MT7981

MediaTek MT7986

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating