CVE-2025-20633
Published: 03 February 2025
Summary
CVE-2025-20633 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in the MediaTek Software Development Kit. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210). The CVE ranks in the top 46.6% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly remediates the out-of-bounds write vulnerability in the WLAN AP driver by requiring timely application of the vendor patch WCNCR00400889.
Requires validation of information inputs to the WLAN driver, directly addressing the incorrect bounds check that enables the out-of-bounds write.
Implements memory protection mechanisms that prevent arbitrary code execution from out-of-bounds writes in the WLAN AP driver.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The out-of-bounds write in the WLAN AP driver directly enables remote code execution over an adjacent network without authentication, which maps to Exploitation of Remote Services.
NVD Description
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491.
Deeper analysis
CVE-2025-20633 is a high-severity vulnerability in the WLAN Access Point (AP) driver, stemming from an incorrect bounds check that enables an out-of-bounds write. This flaw affects MediaTek's WLAN AP driver components, as detailed in their product security bulletin. Classified under CWE-787 (Out-of-bounds Write), it carries a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating significant impact potential.
An attacker positioned in the adjacent or proximal network segment (AV:A) can exploit this vulnerability remotely with low complexity, requiring no privileges (PR:N) or user interaction (UI:N). Successful exploitation leads to arbitrary code execution, granting high confidentiality, integrity, and availability impacts (C:H/I:H/A:H) without scope changes.
MediaTek's February 2025 Product Security Bulletin addresses the issue, providing Patch ID WCNCR00400889 for remediation. Affected vendors and device manufacturers should apply this patch to mitigate the risk of adjacent-network code execution.
Details
- CWE(s)