71 matches found
CVE-2025-20631
CVE-2025-20631 affects the MediaTek WLAN AP driver (notably on MediaTek chipsets such as MT7615/MT7622/MT7663/MT7915/MT7916/MT7981/MT7986). The root cause is an incorrect bounds check that enables an out-of-bounds write, leading to local privilege escalation with no extra privileges and no user i...
CVE-2024-20017
CVE-2024-20017 affects MediaTek Wi‑Fi chipsets via the wappd/wlan path, where an out-of-bounds write caused by insufficient input validation can enable remote code execution without user interaction. The issue is observed in MediaTek’s wappd, with public reports indicating affected firmware/SDK v...
CVE-2024-20148
CVE-2024-20148 concerns MediaTek wlan STA FW where an improper input validation leads to an out-of-bounds write. The vulnerability could enable remote code execution on proximal devices with no privileges and no user interaction required. Patch IDs associated are WCNCR00389045 and ALPS09136494 (M...
CVE-2024-20146
The CVE-2024-20146 issue affects MediaTek wlan STA driver and is caused by improper input validation leading to an out-of-bounds write. This can allow remote code execution with no additional privileges and without user interaction, affecting adjacent systems and potentially enabling high-severit...
CVE-2025-20654
CVE-2025-20654 affects the MediaTek WLAN service, where an incorrect bounds check enables an out-of-bounds write that could lead to remote code execution without user interaction. CVSS v3.1 base score 9.8 (CRITICAL; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Patch WCNCR00406897 addresses this issue (M...
CVE-2024-20103
In CVE-2024-20103, MediaTek WLAN firmware contains an out-of-bounds write due to improper input validation, enabling remote code execution with no privileges or user interaction required. The vulnerability affects WLAN-related firmware (MediaTek) and is tracked under Patch ID ALPS09001358 and MSV...
CVE-2024-20100
CVE-2024-20100 concerns a possible out-of-bounds write in the MediaTek wlan driver, caused by improper input validation. The issue could allow remote code execution with no privileges or user interaction required. Connected sources consistently identify the affected component as the MediaTek WLAN...
CVE-2024-20101
CVE-2024-20101 affects the MediaTek WLAN stack; the vulnerability arises from improper input validation in the WLAN driver, causing an out-of-bounds write that could enable remote code execution with no privileges and no user interaction required. Public references in NVD/Red Hat and related bull...
CVE-2025-20632
CVE-2025-20632 concerns the WLAN AP driver with an out-of-bounds write caused by an incorrect bounds check, enabling local privilege escalation with no user interaction. A patch (Patch ID: WCNCR00397139; MSV-2188) is referenced. Connected sources consistently identify the WLAN AP driver as affect...
CVE-2025-20633
In MediaTek WLAN AP driver, CVE-2025-20633 describes a bound-check error causing an out-of-bounds write that could enable remote code execution without user interaction. Impact is high (C/H/I/A = 8.8 CVSS). The issue affects MediaTek MT7603/MT7615/MT7622/MT7915/related WLAN AP driver code paths a...
CVE-2025-20646
CVE-2025-20646 affects WLAN AP firmware, with an out-of-bounds write caused by improper input validation. This vulnerability could allow remote escalation of privilege without user interaction and with network access as the attack vector. The issue is documented with a patch: Patch ID WCNCR003890...
CVE-2025-20637
CVE-2025-20637 affects MediaTek MediaTek-based network hardware (network HW module). The vulnerability is caused by an uncaught exception in the network stack, which can cause a system hang and enable remote denial of service without requiring privileges or user interaction. The available documen...
CVE-2024-20018
CVE-2024-20018 affects the MediaTek WLAN driver. The issue is an out-of-bounds write caused by improper input validation, enabling local escalation of privilege with no additional execution privileges required and no user interaction needed. A patch is available (Patch ID: WCNCR00348479; Issue ID...
CVE-2024-20147
CVE-2024-20147 concerns a vulnerability in MediaTek Bluetooth firmware where an improper exception handling can lead to a reachable assertion, enabling remote denial of service without privileges or user interaction. Affected components are MediaTek chipsets, including MT79XX (and MT2737, MT3603,...
CVE-2025-20649
In Bluetooth Stack SW, a missing permission check enables information disclosure from adjacent/remote sources without requiring user interaction. Exposed component, root cause and impact are described in CVE-2025-20649 with a patch: WCNCR00396437 (Issue MSV-2184). The CVSS data indicates an adjac...
CVE-2025-20663
The CVE-2025-20663 entry affects the WLAN AP driver in MediaTek chipsets, with an information disclosure caused by an uncaught exception. Exploitation could occur remotely from nearby networks without user interaction and without additional execution privileges. The impact is confined to confiden...
CVE-2025-20674
The CVE-2025-20674 entry concerns MediaTek wlan AP driver vulnerabilities in MediaTek chipsets, where a missing permission check allows injection of arbitrary packets. This can lead to remote escalation of privilege without extra execution privileges or user interaction. The issue is documented w...
CVE-2024-20138
CVE-2024-20138 concerns the WLAN driver in affected MediaTek MediaTek-based chipsets, where improper input validation can cause an out-of-bounds read. This leads to remote information disclosure without additional privileges and without user interaction. The issue is documented across multiple so...
CVE-2024-20152
CVE-2024-20152 affects the WLAN STA driver and describes a reachable assertion caused by improper exception handling. The vulnerability permits local denial of service when a user with System privileges can trigger the condition, with no user interaction required. Reported patches include WCNCR00...
CVE-2024-20153
CVE-2024-20153 affects the WLAN STA module (MediaTek ecosystem) and describes a vulnerability where an attacker could coax a client to attach to an AP using a spoofed SSID, potentially causing remote information disclosure without extra privileges. Exploitation is stated as not requiring user int...
CVE-2025-20664
CVE-2025-20664 affects the wlan AP driver (MediaTek-based) with an information disclosure due to an uncaught exception. The flaw could enable remote (proximal/adjacent) data leakage without extra execution privileges or user interaction. Impact is limited to confidentiality (no integrity/availabi...
CVE-2024-20072
The vulnerability CVE-2024-20072 affects the WLAN driver and involves an out-of-bounds write caused by improper input validation in the driver code. This flaw could allow local escalation of privileges to System level without user interaction, as described in multiple sources. A patch is identifi...
CVE-2025-20694
CVE-2025-20694 affects Bluetooth firmware (MediaTek chipsets). The issue is a fault due to an uncaught exception that can cause a system crash, enabling remote denial of service with no user interaction and with adjacent access as per the CVSS data. The vulnerability is tied to the Bluetooth FW c...
CVE-2024-20071
CVE-2024-20071 affects the WLAN driver with an out-of-bounds read caused by improper input validation. Impact per sources is local information disclosure requiring System execution privileges, with no user interaction. Exploitation details are not provided in the documents; remediation mentioned ...
CVE-2023-32831
CVE-2023-32831 concerns the wlan driver where use of insufficiently random values can enable a local information disclosure without privileges or user interaction. The vulnerability is described across multiple sources as a PIN-crack via weak randomness in the WLAN driver. The CVSS v3.1 metrics (...
CVE-2024-20073
CVE-2024-20073 affects the wlan service due to an out-of-bounds write from improper input validation, potentially enabling local privilege escalation to SYSTEM; no user interaction required. Patch: WCNCR00367704 (MSV-1411). CVSSv3.1: 6.6 (AV:N, AC:H, PR:H, UI:N, S:U, C:H, I:H, A:H). Exploitation ...
CVE-2024-20139
CVE-2024-20139 affects MediaTek Bluetooth firmware (ALPS09001270) due to improper handling of exceptional conditions, causing local denial of service without user interaction. Root cause appears to be a firmware assertion under exceptional handling, with exploitation described as requiring adjace...
CVE-2025-20690
CVE-2025-20690 affects the WLAN AP driver and describes an out-of-bounds read caused by an incorrect bounds check, potentially allowing local information disclosure. Impact is limited to local access with low privileges and no user interaction required; CVSS indicates LOCAL access, LOW privileges...
CVE-2025-20693
The CVE-2025-20693 issue affects the wlan STA driver, with an out-of-bounds read caused by an incorrect bounds check. This vulnerability could allow remote information disclosure from proximal access without extra privileges or user interaction. The impact is described as high confidentiality ris...
CVE-2026-20408
The CVE-2026-20408 issue concerns the wlan component and is described as a heap buffer overflow causing an out-of-bounds write. The cited impact is remote proximal/adjacent privilege escalation with no additional execution privileges required and no user interaction needed. The vulnerability is t...
CVE-2025-20686
CVE-2025-20686 affects the WLAN Access Point driver. The issue is an out-of-bounds write caused by an incorrect bounds check, enabling remote code execution with no privileges and no user interaction. A patch is available: WCNCR00415570 (MSV-3404). This is the key remediation, with CVSSv3.1 metri...
CVE-2025-20691
CVE-2025-20691 affects the WLAN Access Point (AP) driver in MediaTek chipsets. The root cause is an incorrect bounds check that enables an out-of-bounds read, leading to local information disclosure. Privilege requirements are LOW with LOCAL attack vector and no user interaction required for expl...
CVE-2025-20682
The CVE-2025-20682 entry refers to an out-of-bounds write in the wlan AP driver caused by an incorrect bounds check. Affects MediaTek-based wlan AP components; impact is local privilege escalation with high confidentiality, integrity, and availability implications. Exploitation is described as no...
CVE-2025-20695
The CVE-2025-20695 involves Bluetooth firmware where an uncaught exception can cause a system crash, leading to remote denial of service without extra privileges or user interaction. Affected component is Bluetooth firmware (MediaTek-based). The vulnerability’s impact is a high availability denia...
CVE-2025-20681
CVE-2025-20681 affects the WLAN AP driver (MediaTek-anchored) with an out-of-bounds write caused by an incorrect bounds check. This enables local escalation of privilege with no user interaction required; attacker gains User-level execution. The issue is tied to patch WCNCR00416936 (MSV-3446). Mu...
CVE-2025-20684
CVE-2025-20684 affects the WLAN Access Point (AP) driver. The root cause is an out-of-bounds write caused by an incorrect bounds check, enabling local escalation of privilege with User execution privileges required and no user interaction needed. The vulnerability has a high impact (confidentiali...
CVE-2025-20683
CVE-2025-20683 affects the wlan AP driver with an out-of-bounds write caused by an incorrect bounds check. Reported impact is local escalation of privilege with high confidentiality, integrity, and availability impact per CVSS 3.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The description indicates n...
CVE-2025-20692
CVE-2025-20692 affects the WLAN AP driver, with an out-of-bounds read caused by an incorrect bounds check. This leads to local information disclosure under user-mode privileges, with no user interaction required. The vulnerability is tracked in Red Hat as CVE-2025-20692 (patch: WCNCR00418040; MSV...
CVE-2025-20685
CVE-2025-20685 concerns a vulnerability in the wlan AP driver where an incorrect bounds check enables an out-of-bounds write. The underlying issue is a faulty bounds check in the driver, which could allow remote (proximal/adjacent) code execution without additional privileges. Exploitation is des...
CVE-2025-20688
The CVE-2025-20688 issue affects the wlan AP driver and is caused by an incorrect bounds check that enables an out-of-bounds read, leading to local information disclosure with User execution privileges needed (no user interaction required). The CVE records indicate a patch is available: WCNCR0041...
CVE-2025-20689
In WLAN AP driver, an out-of-bounds read caused by an incorrect bounds check could lead to local information disclosure. Exploitation requires local access with low privileges and no user interaction per CVSS metrics, with UI: NONE and Privileges: LOW. The issue affects the WLAN access point driv...
CVE-2026-20430
CVE-2026-20430 affects Linksys WLAN AP firmware; an out-of-bounds write caused by an incorrect bounds check could enable remote privilege escalation with no user interaction or additional execution privileges. The issue is associated with Patch ID WCNCR00467553 (MSV-5151). CVSS details indicate a...
CVE-2025-20733
CVE-2025-20733 affects the WLAN AP driver (Aruba MediaTek-based). The issue is an out-of-bounds write caused by an incorrect bounds check, enabling local privilege escalation with user privileges required and no user interaction. Patch WCNCR00441509 (MSV-4138) mitigates this; vendor advisories an...
CVE-2025-20715
CVE-2025-20715 affects the wlan AP driver. The vulnerability is an out-of-bounds write caused by an incorrect bounds check, enabling local elevation of privilege when the attacker already has System privileges. Exploitation does not require user interaction. The Patch ID is WCNCR00421152 (Issue M...
CVE-2025-20748
CVE-2025-20748 affects the wlan AP driver. The flaw is an out-of-bounds write caused by an incorrect bounds check, enabling local escalation of privilege to System privileges without user interaction. The issue is documented with Patch ID WCNCR00432679 and Issue ID MSV-3950. Multiple sources (Red...
CVE-2025-20711
The CVE-2025-20711 entry concerns the wlan AP driver with an out-of-bounds write caused by an incorrect bounds check. Affected component: wlan AP driver; root cause: improper bounds checking leading to memory overrun. Impact: remote (proximal/adjacent) escalation of privilege with no additional e...
CVE-2025-20719
The CVE-2025-20719 entry concerns the MediaTek wlan AP driver with an out-of-bounds write caused by an incorrect bounds check. This can enable remote (proximal/adjacent) privilege escalation without user interaction, with an attack vector described as adjacent and a high impact on confidentiality...
CVE-2025-20729
The CVE-2025-20729 entry describes an out-of-bounds write in the wlan AP driver caused by an incorrect bounds check. This can enable local privilege escalation for an attacker who already has System privileges, with no user interaction required. Public details consistently cite patch WCNCR0044151...
CVE-2025-20741
CVE-2025-20741 affects the Aruba WLAN AP driver, with an out-of-bounds write caused by an incorrect bounds check. This could enable local escalation of privilege for an attacker who already has System privileges; exploitation does not require user interaction. A patch is available: Patch ID WCNCR...
CVE-2025-20717
The vulnerability CVE-2025-20717 affects the wlan AP driver (MediaTek) and stems from an incorrect bounds check that enables an out-of-bounds write. This can lead to local escalation of privilege for an attacker who already has System privileges, with no user interaction required. A patch is avai...