9.8
CVE-2025-20672
- EPSS 0.76%
- Veröffentlicht 02.06.2025 02:29:38
- Zuletzt bearbeitet 02.07.2025 15:41:26
- Quelle security@mediatek.com
- CVE-Watchlists
- Unerledigt
In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412257; Issue ID: MSV-3292.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mediatek ≫ Mt7902 Firmware Version <= 3.6
Mediatek ≫ Mt7921 Firmware Version <= 3.6
Mediatek ≫ Mt7922 Firmware Version <= 3.6
Mediatek ≫ Mt7925 Firmware Version <= 3.6
Mediatek ≫ Mt7927 Firmware Version <= 3.6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.76% | 0.732 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-122 Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().