Out of Bounds Write Vulnerability in MediaTek WLAN AP Driver
CVE-2025-20729

Currently unrated

Key Information:

Vendor: MediaTek
Status: Mt6890, Mt7615, Mt7622, Mt7663, Mt7915, Mt7916, Mt7981, Mt7986
Vendor: CVE Published:; 4 November 2025

What is CVE-2025-20729?

A vulnerability exists within the MediaTek WLAN AP driver where an improper bounds check can lead to an out of bounds write condition. This flaw allows a malicious actor who has already achieved system privilege to escalate their access without the need for user interaction. It is crucial for users to apply the relevant patches to mitigate potential threats.

Affected Version(s)

MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986 SDK release 7.6.7.2 and before / openWRT 19.07, 21.02

References

https://corp.mediatek.com/product-security-bulletin/Novem...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 4, 2025
Vulnerability Reserved
Nov 1, 2024

JSON