CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20631
https://notcve.org/view.php?id=CVE-2025-20631
03 Feb 2025 — In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20632
https://notcve.org/view.php?id=CVE-2025-20632
03 Feb 2025 — In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397139; Issue ID: MSV-2188. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20633
https://notcve.org/view.php?id=CVE-2025-20633
03 Feb 2025 — In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20018
https://notcve.org/view.php?id=CVE-2024-20018
04 Mar 2024 — In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-32831
https://notcve.org/view.php?id=CVE-2023-32831
02 Jan 2024 — In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868. En el controlador WLAN, existe una posible vulneración del PIN debido al uso de valores insuficientemente aleatorios. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-330: Use of Insufficiently Random Values •
CVSS: 8.3EPSS: 1%CPEs: 15EXPL: 0CVE-2023-20820
https://notcve.org/view.php?id=CVE-2023-20820
04 Sep 2023 — In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189. En wlan service, se presenta una posible inyección de comando debido a una comprobación de entrada inapropiada. • https://corp.mediatek.com/product-security-bulletin/September-2023 •
CVSS: 7.8EPSS: 1%CPEs: 33EXPL: 0CVE-2022-32666
https://notcve.org/view.php?id=CVE-2022-32666
04 Jul 2023 — In Wi-Fi, there is a possible low throughput due to misrepresentation of critical information. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220829014; Issue ID: GN20220829014. • https://corp.mediatek.com/product-security-bulletin/July-2023 •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2022-32654
https://notcve.org/view.php?id=CVE-2022-32654
06 Feb 2023 — In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011. • https://corp.mediatek.com/product-security-bulletin/February-2023 •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2022-32655
https://notcve.org/view.php?id=CVE-2022-32655
06 Feb 2023 — In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028. • https://corp.mediatek.com/product-security-bulletin/February-2023 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.7EPSS: 0%CPEs: 60EXPL: 0CVE-2022-32656
https://notcve.org/view.php?id=CVE-2022-32656
06 Feb 2023 — In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035. • https://corp.mediatek.com/product-security-bulletin/February-2023 •