Out of Bounds Write Vulnerability in MediaTek WLAN AP Driver
CVE-2025-20718
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 14 October 2025
What is CVE-2025-20718?
The WLAN AP Driver from MediaTek exhibits an out of bounds write vulnerability caused by an inadequate bounds check. This type of vulnerability could potentially allow local users to escalate their privileges, albeit requiring user execution privileges to be exploited. Notably, no user interaction is needed for the actual exploitation to take place, highlighting a significant security concern. MediaTek has acknowledged the issue and provided a patch identified as WCNCR00419945 to mitigate the risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 SDK release 7.6.7.2 and before / openWRT 19.07, 21.02
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved
