CVE-2025-20748 – MediaTek WLAN AP Driver Out-of-Bounds Write Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability has been identified in the MediaTek WLAN Access Point (AP) driver, where an out-of-bounds write can occur due to an improper bounds check. This flaw could potentially lead to local privilege escalation, but requires that the attacker already has system privileges. The vulnerability does not require user interaction to be exploited.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation, allowing a user with system rights to gain elevated privileges.

Remediation

A patch for this vulnerability has been issued, and can be applied by following the instructions provided in the MediaTek November 2025 Product Security Bulletin.

Added: Nov 4, 2025, 7:21 AM

Updated: Nov 4, 2025, 2:28 PM

Affected Products

MediaTek MT7902

0 remedies

cpe:2.3:h:mediatek:mt7902:*:*:*:*:*:*:*, +1 more

0 remedies

>= MT7902, < MT7902-D81

MediaTek MT7920

0 remedies

cpe:2.3:h:mediatek:mt7920:*:*:*:*:*:*:*

0 remedies

MediaTek MT7921

0 remedies

cpe:2.3:h:mediatek:mt7921:*:*:*:*:*:*:*, +1 more

0 remedies

>= MT7921, < MT7921-D81

MediaTek MT7922

0 remedies

cpe:2.3:h:mediatek:mt7922:*:*:*:*:*:*:*

0 remedies

MediaTek MT7925

0 remedies

cpe:2.3:h:mediatek:mt7925:*:*:*:*:*:*:*

0 remedies

MediaTek MT7927

0 remedies

cpe:2.3:h:mediatek:mt7927:*:*:*:*:*:*:*

0 remedies

MediaTek MT6890

0 remedies

cpe:2.3:h:mediatek:mt6890:*:*:*:*:*:*:*, +1 more

0 remedies

>= MT6890, < MT6890-D81

MediaTek MT7615

0 remedies

cpe:2.3:h:mediatek:mt7615:*:*:*:*:*:*:*, +1 more

0 remedies

>= MT7615, < MT7615-D81

MediaTek MT7622

0 remedies

cpe:2.3:h:mediatek:mt7622:*:*:*:*:*:*:*, +1 more

0 remedies

>= MT7622, < MT7622-D81

MediaTek MT7663

0 remedies

cpe:2.3:h:mediatek:mt7663:*:*:*:*:*:*:*, +1 more

0 remedies

>= MT7663, < MT7663-D81

MediaTek MT7915

0 remedies

cpe:2.3:h:mediatek:mt7915:*:*:*:*:*:*:*, +1 more

0 remedies

>= MT7915, < MT7915-D81

MediaTek MT7916

0 remedies

cpe:2.3:h:mediatek:mt7916:*:*:*:*:*:*:*, +1 more

0 remedies

>= MT7916, < MT7916-D81

MediaTek MT7981

0 remedies

cpe:2.3:h:mediatek:mt7981:*:*:*:*:*:*:*, +1 more

0 remedies

>= MT7981, < MT7981-D81

MediaTek MT7986

0 remedies

cpe:2.3:h:mediatek:mt7986:*:*:*:*:*:*:*, +1 more

0 remedies

>= MT7986, < MT7986-D81

CVSS Scores

volerion

8.4

CVSS 4.0

8.4

High

volerion

6.7

CVSS 3.1

6.7

Medium

CISA-ADP

6.7

CVSS 3.1

6.7

Medium

Click a row to open the calculator.

References

https://corp.mediatek.com/product-security-bulletin/November-2025

AdvisoryBundleVendor

Showing 1-1 of 1 references

MediaTek WLAN AP Driver Out-of-Bounds Write Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

MediaTek MT7902

MediaTek MT7920

MediaTek MT7921

MediaTek MT7922

MediaTek MT7925

MediaTek MT7927

MediaTek MT6890

MediaTek MT7615

MediaTek MT7622

MediaTek MT7663

MediaTek MT7915

MediaTek MT7916

MediaTek MT7981

MediaTek MT7986

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating