Out of Bounds Write Vulnerability in MediaTek WLAN AP Driver
CVE-2025-20685

8.8 HIGH

Key Information:

Vendor: MediaTek
CVE Published: 8 July 2025

Badges

📰 News Worthy

What is CVE-2025-20685?

The MediaTek WLAN AP driver contains an out-of-bounds write caused by inadequate bounds checking. An adjacent or proximal attacker can exploit this flaw to execute arbitrary code remotely, without additional privileges or user interaction. Users of affected products should apply the necessary patches to mitigate the risk.

Affected Version(s)

MT6890, MT7915, MT7916, MT7981, MT7986 SDK release 7.6.7.2 and before / OpenWrt 19.07, 21.02 (MT6890)

News Articles

cybersecurity – Page 6 – DEC Solutions Group

CVE-2025-49663: RRAS Buffer Overflow Vulnerability CVE-2025-49663 is a critical security vulnerability affecting the Windows Routing and Remote Access Service (RRAS). Specifically, this issue is...

3 weeks ago

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 📰 First article discovered by dec-solutions.com

  • Vulnerability published

  • Vulnerability Reserved
