In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is disabled). User interaction is not needed for exploitation. Patch ID: WCNCR00441510; Issue ID: MSV-4139.
2025-11-04T07:15:37.820
2025-11-05T17:13:40.067
Analyzed
CVSSv3.1: 5.3 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | mediatek | software_development_kit | ≤ 7.6.7.2 | Yes |
| Operating System | openwrt | openwrt | 19.07.0 | Yes |
| Operating System | openwrt | openwrt | 21.02.0 | Yes |
| Hardware | mediatek | mt6890 | - | No |
| Hardware | mediatek | mt7615 | - | No |
| Hardware | mediatek | mt7622 | - | No |
| Hardware | mediatek | mt7663 | - | No |
| Hardware | mediatek | mt7915 | - | No |
| Hardware | mediatek | mt7916 | - | No |
| Hardware | mediatek | mt7981 | - | No |
| Hardware | mediatek | mt7986 | - | No |