The semiconductor giant’s latest Product Security Bulletin, published on June 2, 2025, reveals that device manufacturers have been aware of these issues for at least two months, providing adequate time for patch development and deployment across affected products.
The most concerning vulnerability in this disclosure is CVE-2025-20672, rated as high severity under the Common Vulnerability Scoring System version 3.1 (CVSS v3.1).
This critical vulnerability is a heap overflow in MediaTek’s Bluetooth driver that could allow attackers to achieve local escalation of privilege with only user-level execution privileges required.
The vulnerability stems from an incorrect bounds check that enables a possible out-of-bounds write operation, potentially giving malicious actors elevated system access.
The affected chipsets include the MT7902, MT7921, MT7922, MT7925, and MT7927 series, all running NB SDK release 3.6 and earlier versions.
What makes this vulnerability particularly dangerous is that no user interaction is required for exploitation, meaning attackers could potentially leverage this flaw automatically once they gain initial access to a target device.
The vulnerability was reported through external security research, highlighting the importance of collaborative security disclosure practices in the semiconductor industry.
Beyond the privilege escalation vulnerability, MediaTek’s bulletin reveals five medium-severity vulnerabilities that primarily affect wireless connectivity components.
Four of these vulnerabilities (CVE-2025-20673, CVE-2025-20675, CVE-2025-20676, and CVE-2025-20677) involve null pointer dereference issues that could lead to system crashes and denial of service conditions.
Three of these vulnerabilities target the WLAN STA driver, while one affects the Bluetooth driver.
These null pointer dereference vulnerabilities share common characteristics: they can cause system crashes due to uncaught exceptions, require user execution privileges, but critically, need no user interaction for exploitation.
The affected chipsets mirror those impacted by the Bluetooth heap overflow, suggesting a common codebase or development approach across MediaTek’s wireless connectivity implementations.
Additionally, CVE-2025-20674 presents a different attack vector through incorrect authorization in the WLAN AP driver.
This vulnerability could enable attackers to inject arbitrary packets due to missing permission checks, potentially leading to remote privilege escalation without requiring additional execution privileges.
According to the report, the scope of MediaTek’s vulnerability disclosure extends far beyond traditional smartphone chipsets, encompassing products used in tablets, AIoT devices, smart displays, OTT platforms, computer vision systems, audio equipment, and television sets.
The most broadly impacting vulnerability, CVE-2025-20678, affects an extensive list of over 80 different chipset models spanning multiple product generations.
This particular vulnerability involves uncontrolled recursion in the IMS (IP Multimedia Subsystem) service, which could enable remote denial of service attacks when a device connects to a rogue base station controlled by an attacker.
The vulnerability affects modem software versions LR12A, LR13, NR15, NR16, NR17, and NR17R, demonstrating the widespread nature of the underlying code vulnerability across MediaTek’s product portfolio.
The comprehensive nature of these vulnerabilities underscores the interconnected security challenges facing modern connected devices, where a single codebase vulnerability can impact millions of devices across diverse product categories and use cases.
The post Critical MediaTek Vulnerabilities Enable Silent Privilege Escalation appeared first on Cyber Security News.