CVE-2025-20633

High

Published: 03 February 2025

Published

03 February 2025

Modified

18 March 2025

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0030 53.4th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491.

Security Summary

CVE-2025-20633 is a high-severity vulnerability in the WLAN Access Point (AP) driver, stemming from an incorrect bounds check that enables an out-of-bounds write. This flaw affects MediaTek's WLAN AP driver components, as detailed in their product security bulletin. Classified under CWE-787 (Out-of-bounds Write), it carries a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating significant impact potential.

An attacker positioned in the adjacent or proximal network segment (AV:A) can exploit this vulnerability remotely with low complexity, requiring no privileges (PR:N) or user interaction (UI:N). Successful exploitation leads to arbitrary code execution, granting high confidentiality, integrity, and availability impacts (C:H/I:H/A:H) without scope changes.

MediaTek's February 2025 Product Security Bulletin addresses the issue, providing Patch ID WCNCR00400889 for remediation. Affected vendors and device manufacturers should apply this patch to mitigate the risk of adjacent-network code execution.

Details

CWE(s): CWE-787

Affected Products

mediatek

software development kit

≤ 7.4.0.1

References

https://corp.mediatek.com/product-security-bulletin/February-2025
Vendor Advisory · security@mediatek.com