216.73.217.47

CVE-2025-20728

· Published 04/11/2025 07:15 · Modified 05/11/2025 17:14

Labels: CVE-2025-20728 2025-11-04CVE-2025-20728CWE-122CWE-787[email protected]

Essential information

Published
04/11/2025 07:15
Modified
05/11/2025 17:14
Author
Creator
CVSS
7.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

In wlan STA driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00447115; Issue ID: MSV-4276.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
mediatek / software development kit cpe:2.3:a:mediatek:software_development_kit:3.7:*:*:*:*:*:*:*
mediatek / mt7902 cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*
mediatek / mt7920 cpe:2.3:h:mediatek:mt7920:-:*:*:*:*:*:*:*
mediatek / mt7921 cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*
mediatek / mt7922 cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*
mediatek / mt7925 cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*
mediatek / mt7927 cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*

References