CVE-2025-20724_CVE-2025-20724

5.5 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418894; Issue ID: MSV-3475.

Basic Information

ID CVE-2025-20724

Source MediaTek

Published Oct 14, 2025 at 09:12

Modified Oct 14, 2025 at 14:03

Affected Product

Vendor MediaTek, Inc.

Product MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986

Version SDK release 7.6.7.2 and before / openWRT 19.07, 21.02 (MT6890)

Affected Versions MediaTek, Inc. MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 SDK release 7.6.7.2 and before / openWRT 19.07, 21.02 (MT6890)

CWE Classification

CWE-125

References

corp.mediatek.com /product-security-bulletin/October-2025

{
    "lastseen": "",
    "description": "In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418894; Issue ID: MSV-3475.",
    "published": "2025-10-14T09:12:06.798Z",
    "modified": "2025-10-14T14:03:57.815Z",
    "type": "cve",
    "title": "CVE-2025-20724",
    "source": "MediaTek",
    "references": "https://corp.mediatek.com/product-security-bulletin/October-2025",
    "id": "CVE-2025-20724",
    "bulletinFamily": "",
    "cwe": [
        "CWE-125"
    ],
    "cvelist": null,
    "sourceData": "MediaTek, Inc. MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 SDK release 7.6.7.2 and before / openWRT 19.07, 21.02 (MT6890)",
    "sourceHref": "",
    "cvss": {
        "score": 5.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986",
    "version": "SDK release 7.6.7.2 and before / openWRT 19.07, 21.02 (MT6890)",
    "vendor": "MediaTek, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}