Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-20664

In wlan AP driver, there is a possible information disclosure due to an uncaught exception. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406217; Issue ID: MSV-2773.

Published

2025-04-07T04:15:20.420

Last Modified

2025-04-11T15:52:40.517

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-248
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mediatek	software_development_kit	≤ 7.4.0.1	Yes
Hardware	mediatek	mt7915	-	Yes
Application	mediatek	software_development_kit	≤ 7.6.7.2	Yes
Hardware	mediatek	mt7916	-	Yes
Hardware	mediatek	mt7981	-	Yes
Hardware	mediatek	mt7986	-	Yes
Application	mediatek	software_development_kit	≤ 8.2.1.4	Yes
Hardware	mediatek	mt7990	-	Yes
Hardware	mediatek	mt7992	-	Yes

References

https://corp.mediatek.com/product-security-bulletin/April-2025 Vendor Advisory ([email protected])