
CVE-2025-20713: CWE-121 Stack Overflow in MediaTek, Inc. MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986

Severity: High
Type: Vulnerability
Tags: CVE-2025-20713, cve, cve-2025-20713, cwe-121
Published: Tue Oct 14 2025 (10/14/2025, 09:11:45 UTC)
Source: CVE Database V5
Vendor/Project: MediaTek, Inc.
Product: MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, MT7986

Description

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432661; Issue ID: MSV-3904.

AI-Powered Analysis

Last updated: 10/14/2025, 09:42:27 UTC

Technical Analysis

CVE-2025-20713 is a stack-based buffer overflow (CWE-121) in the WLAN AP driver of multiple MediaTek chipsets: MT6890, MT7615, MT7622, MT7663, MT7915, MT7916, MT7981, and MT7986. The vulnerability stems from an incorrect bounds check in the driver code, which leads to an out-of-bounds write on the stack. A local attacker who has already obtained System-level privileges can exploit this memory corruption to escalate privileges further, potentially gaining greater control over the affected device. No user interaction is required, which makes the flaw easier to exploit once initial access is achieved. The affected software versions include SDK release 7.6.7.2 and earlier, and OpenWrt versions 19.07 and 21.02 specifically for the MT6890 chipset.

Although no public exploits are known at this time, the vulnerability is significant because it affects widely deployed MediaTek chipsets used in wireless access points and embedded networking devices. The vulnerability was publicly disclosed on October 14, 2025, but no CVSS score has been assigned yet. MediaTek tracks the issue internally under issue ID MSV-3904 and patch ID WCNCR00432661. Because exploitation requires prior system-level access, this is a local privilege escalation vector rather than a remote code execution vulnerability. Attackers who have already compromised a device could use it to gain persistent and elevated control, potentially undermining device integrity and security.

Potential Impact

For European organizations, the impact of CVE-2025-20713 can be significant, especially for those relying on MediaTek-based wireless access points and embedded devices in their network infrastructure. Successful exploitation allows attackers with existing system privileges to escalate their access, potentially gaining full control over affected devices. This can lead to unauthorized configuration changes, interception or manipulation of network traffic, and persistence on critical network components. Given that many enterprises and service providers in Europe deploy MediaTek chipsets in their networking equipment, the vulnerability could facilitate lateral movement within networks and compromise sensitive data confidentiality and integrity. Additionally, the lack of user interaction required for exploitation increases the risk of automated or stealthy attacks once initial access is obtained. The vulnerability could also affect IoT and industrial control systems using these chipsets, impacting availability and operational continuity. The absence of known exploits currently limits immediate risk, but the potential for future exploitation necessitates proactive mitigation. Organizations in Europe must consider this vulnerability in their risk assessments, especially those in sectors with high dependency on wireless infrastructure such as telecommunications, finance, and critical infrastructure.

Mitigation Recommendations

To mitigate CVE-2025-20713 effectively, European organizations should:

1) Monitor MediaTek and vendor advisories closely and apply patches or firmware updates as soon as they become available, particularly for SDK release 7.6.7.2 and earlier and OpenWrt 19.07/21.02 versions.
2) Restrict system-level access to trusted administrators only, enforcing strong authentication and access control policies to minimize the risk of attackers obtaining initial System privileges.
3) Implement network segmentation to isolate devices using affected MediaTek chipsets, reducing the potential for lateral movement if a device is compromised.
4) Employ host-based intrusion detection and behavior monitoring on devices running these chipsets to detect anomalous activities indicative of exploitation attempts.
5) Conduct regular security audits and vulnerability scans targeting embedded devices and wireless infrastructure to identify unpatched systems.
6) Where possible, consider replacing legacy or unsupported hardware running vulnerable firmware with updated, secure alternatives.
7) Educate IT staff about the nature of local privilege escalation threats and the importance of limiting administrative privileges.
8) Use endpoint protection solutions capable of detecting exploitation techniques related to stack overflows and memory corruption.

These steps, combined with timely patching, will reduce the likelihood and impact of exploitation.
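As an added example (not part of the original advisory or any MediaTek tooling), the audit in step 5 can start as an inventory triage against the affected range stated above. The inventory records, their field names (`host`, `chipset`, `sdk`, `openwrt`) and the status labels are assumptions made for illustration; `outside-range` only means the version falls outside the range this page states, not that the patch is confirmed present.

```python
import re

# Affected range exactly as stated on this page.
AFFECTED_CHIPSETS = {"MT6890", "MT7615", "MT7622", "MT7663",
                     "MT7915", "MT7916", "MT7981", "MT7986"}
LAST_AFFECTED_SDK = (7, 6, 7, 2)        # "SDK release 7.6.7.2 and earlier"
AFFECTED_OPENWRT = {(19, 7), (21, 2)}   # 19.07 and 21.02, stated for MT6890

def parse_version(text):
    """'21.02.3' -> (21, 2, 3); None for anything that is not dotted digits."""
    text = (text or "").strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(p) for p in text.split("."))

def sdk_in_range(v):
    """Compare with zero padding so 7.6.7 is treated as 7.6.7.0."""
    width = max(len(v), len(LAST_AFFECTED_SDK))
    pad = lambda t: t + (0,) * (width - len(t))
    return pad(v) <= pad(LAST_AFFECTED_SDK)

def assess(device):
    chipset = device.get("chipset", "").upper()
    if chipset not in AFFECTED_CHIPSETS:
        return "not-listed"
    checks = []  # True = in range, False = outside, None = unparseable
    if device.get("sdk"):
        v = parse_version(device["sdk"])
        checks.append(None if v is None else sdk_in_range(v))
    if chipset == "MT6890" and device.get("openwrt"):
        v = parse_version(device["openwrt"])
        checks.append(None if v is None else v[:2] in AFFECTED_OPENWRT)
    if True in checks:
        return "affected"
    if not checks or None in checks:
        return "review"  # missing or vendor-specific version string
    return "outside-range"

# Constructed sample inventory (hypothetical hosts and version strings).
INVENTORY = [
    {"host": "ap-lobby", "chipset": "MT7915", "sdk": "7.6.7.2"},
    {"host": "ap-lab", "chipset": "mt7986", "sdk": "7.6.8"},
    {"host": "cpe-01", "chipset": "MT6890", "openwrt": "21.02.3"},
    {"host": "cpe-02", "chipset": "MT6890", "openwrt": "23.05.0"},
    {"host": "ap-old", "chipset": "MT7622", "sdk": "vendor-build-42"},
    {"host": "ap-x", "chipset": "MT7621", "sdk": "7.4.0.0"},
]

def triage(inventory):
    return {d["host"]: assess(d) for d in inventory}

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host:10} {status}")
```

Entries marked `review` carry a missing or non-numeric version string and need a manual check against the vendor's firmware notes.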


Technical Details

Data Version: 5.1
Assigner Short Name: MediaTek
Date Reserved: 2024-11-01T01:21:50.387Z
Cvss Version: null
State: PUBLISHED

Threat ID: 68ee16307eab8b438c025d28

Added to database: 10/14/2025, 9:21:52 AM

Last enriched: 10/14/2025, 9:42:27 AM

Last updated: 10/16/2025, 6:00:42 AM
