CVE-2025-20673

In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413200; Issue ID: MSV-3304.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:mediatek:mt7902_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:mediatek:mt7921_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:mediatek:mt7922_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:mediatek:mt7925_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mediatek:mt7927_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*

History

02 Jul 2025, 15:40

Type Values Removed Values Added
First Time Mediatek mt7922
Mediatek mt7921 Firmware
Mediatek mt7925 Firmware
Mediatek mt7921
Mediatek
Mediatek mt7902
Mediatek mt7927
Mediatek mt7925
Mediatek mt7902 Firmware
Mediatek mt7927 Firmware
Mediatek mt7922 Firmware
References () https://corp.mediatek.com/product-security-bulletin/June-2025 - () https://corp.mediatek.com/product-security-bulletin/June-2025 - Vendor Advisory
CPE cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7902_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7921_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7925_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7922_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:mt7927_firmware:*:*:*:*:*:*:*:*
Summary
  • (es) En el controlador STA de WLAN, existe un posible fallo del sistema debido a una excepción no detectada. Esto podría provocar una denegación de servicio local, con privilegios de ejecución de usuario requeridos. No se requiere la interacción del usuario para su explotación. ID de parche: WCNCR00413200; ID de problema: MSV-3304.

02 Jun 2025, 16:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5

02 Jun 2025, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-06-02 03:15

Updated : 2025-07-02 15:40


NVD link : CVE-2025-20673

Mitre link : CVE-2025-20673

CVE.ORG link : CVE-2025-20673


JSON object : View

Products Affected

mediatek

  • mt7921
  • mt7902
  • mt7925_firmware
  • mt7925
  • mt7902_firmware
  • mt7927
  • mt7927_firmware
  • mt7921_firmware
  • mt7922
  • mt7922_firmware
CWE
CWE-476

NULL Pointer Dereference