Denial of Service Vulnerability in MediaTek WLAN Driver
CVE-2025-20673

5.5MEDIUM

Key Information:

Vendor: MediaTek
Status: Mt7902, Mt7921, Mt7922, Mt7925, Mt7927
Vendor: CVE Published:; 2 June 2025

What is CVE-2025-20673?

A vulnerability in the MediaTek WLAN STA driver can lead to a system crash caused by an uncaught exception. This issue allows for a local denial of service to occur with user execution privileges required for exploitation. Notably, user interaction is not necessary to exploit this vulnerability, making it a significant concern for users seeking to maintain system integrity. A patch has been released to address this security flaw.

Affected Version(s)

MT7902, MT7921, MT7922, MT7925, MT7927 NB SDK release 3.6 and before

References

https://corp.mediatek.com/product-security-bulletin/June-...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2025
Vulnerability Reserved
Nov 1, 2024