In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412257; Issue ID: MSV-3292.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://corp.mediatek.com/product-security-bulletin/June-2025 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
History
02 Jul 2025, 15:41
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Mediatek mt7921
Mediatek mt7927 Firmware Mediatek mt7925 Firmware Mediatek mt7927 Mediatek mt7922 Mediatek mt7922 Firmware Mediatek mt7921 Firmware Mediatek mt7902 Mediatek mt7902 Firmware Mediatek mt7925 Mediatek |
|
| References | () https://corp.mediatek.com/product-security-bulletin/June-2025 - Vendor Advisory | |
| CPE | cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7927_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7902_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7925_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7922_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:mediatek:mt7921_firmware:*:*:*:*:*:*:*:* |
02 Jun 2025, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE |
02 Jun 2025, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-06-02 03:15
Updated : 2025-07-02 15:41
NVD link : CVE-2025-20672
Mitre link : CVE-2025-20672
JSON object : View
Products Affected
mediatek
- mt7927
- mt7921
- mt7902_firmware
- mt7925
- mt7925_firmware
- mt7921_firmware
- mt7922_firmware
- mt7922
- mt7927_firmware
- mt7902
CWE
No CWE.