Local Denial of Service Vulnerability in Mediatek Bluetooth Driver
CVE-2025-20677

Currently unrated

Key Information:

Vendor: MediaTek
Status: Mt7902, Mt7921, Mt7922, Mt7925, Mt7927
Vendor: CVE Published:; 2 June 2025

What is CVE-2025-20677?

A vulnerability exists in the Bluetooth driver developed by Mediatek that could lead to a system crash due to an uncaught exception. This issue allows a local denial of service to occur without requiring user interaction for exploitation. The problem has been associated with specific versions of the driver prior to the application of the patch, which aims to mitigate the risk of this vulnerability affecting user systems. For more information, please refer to the Mediatek security bulletin.

Affected Version(s)

MT7902, MT7921, MT7922, MT7925, MT7927 NB SDK release 3.6 and before

References

https://corp.mediatek.com/product-security-bulletin/June-...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2025
Vulnerability Reserved
Nov 1, 2024

MediaTek

What is CVE-2025-20677?

Affected Version(s)

References

Timeline