Out of Bounds Write Vulnerability in Mediatek WLAN AP Driver
CVE-2025-20709
Currently unrated
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 14 October 2025
What is CVE-2025-20709?
The Mediatek WLAN AP driver suffers from an out of bounds write vulnerability caused by improper bounds checking. This weakness may allow an attacker to exploit the issue remotely, resulting in escalation of privileges without requiring any user interaction. The vulnerability's exploitation could grant unauthorized access and control within affected networking environments. It is crucial for users and administrators to apply the recommended patch (WCNCR00415809) to mitigate these security risks.
Affected Version(s)
MT6890, MT7915, MT7916, MT7981, MT7986 SDK release 7.6.7.2 and before / OpenWrt 19.07, 21.02 (MT6890)