CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-20664
https://notcve.org/view.php?id=CVE-2025-20664
07 Apr 2025 — In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406217; Issue ID: MSV-2773. • https://corp.mediatek.com/product-security-bulletin/April-2025 • CWE-248: Uncaught Exception •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-20663
https://notcve.org/view.php?id=CVE-2025-20663
07 Apr 2025 — In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00408868; Issue ID: MSV-3031. • https://corp.mediatek.com/product-security-bulletin/April-2025 • CWE-248: Uncaught Exception •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20646
https://notcve.org/view.php?id=CVE-2025-20646
03 Mar 2025 — In wlan AP FW, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389074; Issue ID: MSV-1803. • https://corp.mediatek.com/product-security-bulletin/March-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20637
https://notcve.org/view.php?id=CVE-2025-20637
03 Feb 2025 — In network HW, there is a possible system hang due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00399035; Issue ID: MSV-2380. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-248: Uncaught Exception •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20631
https://notcve.org/view.php?id=CVE-2025-20631
03 Feb 2025 — In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20632
https://notcve.org/view.php?id=CVE-2025-20632
03 Feb 2025 — In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397139; Issue ID: MSV-2188. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 1CVE-2024-20137
https://notcve.org/view.php?id=CVE-2024-20137
02 Dec 2024 — In wlan driver, there is a possible client disconnection due to improper handling of exceptional conditions. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00384543; Issue ID: MSV-1727. • https://github.com/takistmr/CVE-2024-20137 • CWE-248: Uncaught Exception •
CVSS: 9.8EPSS: 0%CPEs: 47EXPL: 0CVE-2024-20040
https://notcve.org/view.php?id=CVE-2024-20040
01 Apr 2024 — In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530 (for MT79XX chipsets); Issue ID: MSV-979. En el firmware WLAN, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 70%CPEs: 5EXPL: 2CVE-2024-20017 – MediaTek wappd Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-20017
04 Mar 2024 — In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation Patch ID: WCNCR00350938; Issue ID: MSV-1132. En el servicio WLAN, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. Esto podría conducir a una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. • https://packetstorm.news/files/id/180478 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-32831
https://notcve.org/view.php?id=CVE-2023-32831
02 Jan 2024 — In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868. En el controlador WLAN, existe una posible vulneración del PIN debido al uso de valores insuficientemente aleatorios. • https://corp.mediatek.com/product-security-bulletin/January-2024 • CWE-330: Use of Insufficiently Random Values •