Out of Bounds Write Vulnerability in Mediatek WLAN AP Driver
CVE-2025-20712
Currently unrated
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 14 October 2025
What is CVE-2025-20712?
A vulnerability has been identified in the Mediatek WLAN AP driver where an incorrect bounds check leads to a possible out of bounds write. This flaw may enable a remote party to escalate privileges without requiring additional execution permissions or user interaction, potentially exposing systems to unauthorized access. A patch has been issued to address this issue (Patch ID: WCNCR00422323; Issue ID: MSV-3810). For further details, please refer to the Mediatek product security bulletin.
Affected Version(s)
MT6990, MT7990, MT7991, MT7992, MT7993 SDK release 8.3.1.1 and before / OpenWrt 21.02, 23.05 (MT6990)