CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20677
https://notcve.org/view.php?id=CVE-2025-20677
02 Jun 2025 — In Bluetooth driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412256; Issue ID: MSV-3284. • https://corp.mediatek.com/product-security-bulletin/June-2025 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20676
https://notcve.org/view.php?id=CVE-2025-20676
02 Jun 2025 — In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412240; Issue ID: MSV-3293. • https://corp.mediatek.com/product-security-bulletin/June-2025 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20675
https://notcve.org/view.php?id=CVE-2025-20675
02 Jun 2025 — In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413201; Issue ID: MSV-3302. • https://corp.mediatek.com/product-security-bulletin/June-2025 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20673
https://notcve.org/view.php?id=CVE-2025-20673
02 Jun 2025 — In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413200; Issue ID: MSV-3304. • https://corp.mediatek.com/product-security-bulletin/June-2025 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20672
https://notcve.org/view.php?id=CVE-2025-20672
02 Jun 2025 — In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412257; Issue ID: MSV-3292. • https://corp.mediatek.com/product-security-bulletin/June-2025 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2024-20138
https://notcve.org/view.php?id=CVE-2024-20138
02 Dec 2024 — In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 47EXPL: 0CVE-2024-20040
https://notcve.org/view.php?id=CVE-2024-20040
01 Apr 2024 — In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530 (for MT79XX chipsets); Issue ID: MSV-979. En el firmware WLAN, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20019
https://notcve.org/view.php?id=CVE-2024-20019
04 Mar 2024 — In wlan driver, there is a possible memory leak due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00351241; Issue ID: MSV-1173. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •