CVE-2025-20718_CVE-2025-20718

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00419945; Issue ID: MSV-3581.

Basic Information

ID CVE-2025-20718

Source MediaTek

Published Oct 14, 2025 at 09:11

Modified Oct 14, 2025 at 14:05

Affected Product

Vendor MediaTek, Inc.

Product MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986

Version SDK release 7.6.7.2 and before / openWRT 19.07, 21.02

Affected Versions MediaTek, Inc. MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 SDK release 7.6.7.2 and before / openWRT 19.07, 21.02

CWE Classification

CWE-121

References

corp.mediatek.com /product-security-bulletin/October-2025

{
    "lastseen": "",
    "description": "In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00419945; Issue ID: MSV-3581.",
    "published": "2025-10-14T09:11:37.980Z",
    "modified": "2025-10-14T14:05:45.585Z",
    "type": "cve",
    "title": "CVE-2025-20718",
    "source": "MediaTek",
    "references": "https://corp.mediatek.com/product-security-bulletin/October-2025",
    "id": "CVE-2025-20718",
    "bulletinFamily": "",
    "cwe": [
        "CWE-121"
    ],
    "cvelist": null,
    "sourceData": "MediaTek, Inc. MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 SDK release 7.6.7.2 and before / openWRT 19.07, 21.02",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986",
    "version": "SDK release 7.6.7.2 and before / openWRT 19.07, 21.02",
    "vendor": "MediaTek, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}