CVE-2025-20686

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415570; Issue ID: MSV-3404.

Published: Jul 8, 2025
Updated: Jul 9, 2025
CVE: CVE-2025-20686
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mediatek / software_development_kit	-	7.6.7.2.x
openwrt / openwrt	19.07.0	19.07.0.x
openwrt / openwrt	21.02.0	21.02.0.x

https://corp.mediatek.com/product-security-bulletin/July-2025

Vulnerability Database

CVE-2025-20686